MantisBT 1.2.7 is a security update for the stable 1.2.x branch. All
installations that are currently running any 1.2.x version are advised
to upgrade to this release.
Net.Edit0r from BlACK Hat Group posted a vulnerability report for an XSS
issue in search.php. All MantisBT users (including anonymous users that
are not logged in to public bug trackers) could be impacted by this
vulnerability. Refer to issue #13245 [1] for full details.
This release also contains numerous minor bug fixes to MantisBT and
improved translations in many languages.
A full changelog for 1.2.7 can be found on the official site:
http://www.mantisbt.org/bugs/changelog_ ... ion_id=138
The release can be downloaded from:
http://www.mantisbt.org/download.php
[1] http://www.mantisbt.org/bugs/view.php?id=13245
MantisBT 1.2.7 Released
Moderators: Developer, Contributor