This is a security release. All installations currently running any 2.x version are strongly advised to upgrade as soon as possible.
- 0024731: [security] CVE-2018-16514: Reflected XSS in view_filters_page.php via core/filter_form_api.php (dregad)
Please download the release from our website.
In order to stay up to date with the latest MantisBT news and participate in our polls, please follow us on twitter and retweet to spread the word!
A feature release including functional improvements and bug fixes.
- 0024616: [relationships] relationship visibility in different project permission (atrol)
- 0024632: [tagging] Tag cannot be selected if a tag containing the text of that tag has already been selected (atrol)
- 0024633: [bugtracker] Late error message when trying to resolve issues (atrol)
- 0024635: [authorization] Wrong box visibility on
My View page (atrol)
- 0012677: [administration] Please change a search option to manage users (atrol)
- 0020101: [api soap] mc_filter_search_issues can’t filter by date (community)
- 0023336: [html] Inline image attachments should have their own container to prevent scrolling (atrol)
- 0023915: [administration] Search for a part of (Real Name – Username – Email) (atrol)
- 0024622: [api rest] Add function for creating a new project via REST (community)
- 0024624: [api rest] Add function for updating a project via REST (community)
- 0024636: [api rest] Add function to delete a project via REST API (vboctor)
- 0024643: [ui] bug_actiongroup and custom bug_actiongroup don’t provide the same user experience when displaying error message (dregad)
- 0024644: [ui] Footer displays behind sidebar on bug_actiongroup.php (dregad)
- 0024696: [authorization] Custom fields can be changed without having update_bug_threshold access rights (atrol)
- 0024717: [api soap] Add filter for the “last updated“ date in the soap api (community)
- 0024719: [administration]
Impersonate User is offered for disabled users (atrol)
Maintenance release for 2.16.x series.
- 0024647: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)
Maintenance release for 1.3.x series.
- 0024648: [security] CVE-2018-14895: XSS in bug_actiongroup.php (atrol)
Go ahead and download the release from our website.