Candidate: CVE-2010-2802
PublicDate: 2010-09-07 17:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2802
Description:
 Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows
 remote authenticated users to inject arbitrary web script or HTML via an
 HTML document with a .gif filename extension, related to inline
 attachments.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_mantis:
  upstream: http://git.mantisbt.org/?p=mantisbt.git;a=commitdiff;h=f017e817762b3348d8c36f17324f07a62393656f
upstream_mantis: released (1.2.2)
dapper_mantis: ignored (reached end-of-life)
hardy_mantis: ignored (reached end-of-life)
jaunty_mantis: ignored (reached end-of-life)
karmic_mantis: ignored (reached end-of-life)
lucid_mantis: ignored (reached end-of-life)
maverick_mantis: ignored (reached end-of-life)
natty_mantis: ignored (reached end-of-life)
oneiric_mantis: not-affected (1.2.8-1)
precise_mantis: not-affected (1.2.8-1)
quantal_mantis: not-affected (1.2.8-1)
raring_mantis: not-affected (1.2.8-1)
saucy_mantis: not-affected (1.2.8-1)
devel_mantis: DNE