From bbc6b4f3ea8d0a53ae8c44e4218df6675a4e5fdf Mon Sep 17 00:00:00 2001 From: David Hicks Date: Fri, 18 Jan 2013 21:43:21 +1100 Subject: [PATCH] Fix #15373: match_type XSS vulnerability Jakub Galczyk discovered[1] a cross site scripting (XSS) vulnerability in MantisBT 1.2.12 and earlier versions that allows a malicious person to trick the browser of a target user into executing arbitrary JavaScript via the URL: search.php?match_type="> - +   -- 1.8.1.1