{"id":508,"date":"2017-04-01T01:54:21","date_gmt":"2017-04-01T01:54:21","guid":{"rendered":"http:\/\/www.mantisbt.org\/blog\/?p=508"},"modified":"2017-04-01T01:54:21","modified_gmt":"2017-04-01T01:54:21","slug":"mantisbt-security-releases-1-3-8-2-1-2-and-2-2-2","status":"publish","type":"post","link":"https:\/\/mantisbt.org\/blog\/archives\/mantisbt\/508","title":{"rendered":"MantisBT Security releases 1.3.8, 2.1.2 and 2.2.2"},"content":{"rendered":"<p>Maintenance releases including security fixes for Cross-Site Scripting (XSS) issues have just been released. We advise all installations to upgrade; releases can be <a href=\"https:\/\/www.mantisbt.org\/\">downloaded<\/a> from our website.<\/p>\n<p>Patched vulnerabilities:<\/p>\n<ul>\n<li><a class=\"resolved\" title=\"[closed] CVE-2017-6973: XSS in adm_config_report.php\" href=\"http:\/\/www.mantisbt.org\/bugs\/view.php?id=22537\">22537:<\/a> CVE-2017-6973 &#8211; XSS in adm_config_report.php (affects 1.3.0-rc.2 and later)<\/li>\n<\/ul>\n<p>Additionally, version 2.1.1 also includes fixes previously released in 1.3.7 and 2.2.1:<\/p>\n<ul>\n<li><a class=\"resolved\" title=\"[closed] CVE-2017-6797: XSS in bug_change_status_page.php\" href=\"http:\/\/www.mantisbt.org\/bugs\/view.php?id=22486\">22486<\/a>: CVE-2017-6797 &#8211; XSS in bug_change_status_page.php<\/li>\n<li><a class=\"resolved\" title=\"[closed] CVE-2017-6799 - XSS in view_filters_page.php\" href=\"http:\/\/www.mantisbt.org\/bugs\/view.php?id=22497\">22497<\/a>: CVE-2017-6799 &#8211; XSS in view_filters_page.php<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Maintenance releases including security fixes for Cross-Site Scripting (XSS) issues have just been released. We advise all installations to upgrade; releases can be downloaded from our website. Patched vulnerabilities: 22537: CVE-2017-6973 &#8211; XSS in adm_config_report.php (affects 1.3.0-rc.2 and later) Additionally, version 2.1.1 also includes fixes previously released in 1.3.7 and 2.2.1: 22486: CVE-2017-6797 &#8211; XSS &hellip; <a href=\"https:\/\/mantisbt.org\/blog\/archives\/mantisbt\/508\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;MantisBT Security releases 1.3.8, 2.1.2 and 2.2.2&#8221;<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[6,11,7],"class_list":["post-508","post","type-post","status-publish","format-standard","hentry","category-mantisbt","tag-release","tag-security","tag-stable"],"_links":{"self":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/508","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/comments?post=508"}],"version-history":[{"count":4,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/508\/revisions"}],"predecessor-version":[{"id":513,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/posts\/508\/revisions\/513"}],"wp:attachment":[{"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/media?parent=508"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/categories?post=508"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mantisbt.org\/blog\/wp-json\/wp\/v2\/tags?post=508"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}