Commits on Dec 14, 2010
  1. Fix #12607: LFI/PD/XSS in upgrade_unattended.php

    This is a backport of the fix applied to the 1.2.x and 1.3.x branches.
    Gjoko Krstic of Zero Science Lab has kindly reported in detail a number
    of vulnerabilities in the admin/upgrade_unattended.php script.
    Earlier patches by Victor Boctor (MantisBT developer) resolved the
    issue. This patch enhances those changes to strengthen the security of
    this script even further.
    Please note that the "admin" directory SHOULD BE DELETED AFTER
    INSTALLATION on all live instances of MantisBT.
    davidhicks committed Dec 14, 2010
Commits on Oct 7, 2010
  1. Fix #12432: XSS issues when viewing Summary page

    Backport of commit c58a678 for bug 12309
    giallu committed Oct 7, 2010
Commits on Sep 18, 2010
  1. Fix #12371: XSS in print_all_bug_page_word.php project/category names

    Backport of commit bfc9e9 for bug 12238
    giallu committed Sep 18, 2010
  2. Fix #12370: Multiple XSS issues with custom field enumeration values

    Backport of commit 7ab71d0 fixing bug 12232
    giallu committed Sep 18, 2010
Commits on Dec 1, 2009
  1. Fix #11229: Fix tagging XSS scripting vulnerabilities

    Tag names and descriptions were not properly sanitised before being
    written to HTML output. This meant that it was possible for users to
    create tags containing Javascript that is executed on every load of
    view_all_bug_page (and elsewhere) for all users.
    Thanks to Michel Arboi from Tenable Network Security (Nessus) for
    reporting this issue.
    This is a backport of 70b5022
    davidhicks committed Dec 1, 2009
Commits on Nov 22, 2009
  1. Fix #11026: Fix XSS bug in view_filters_page.php

    Fix a parsing/validation error whereby a target_field input of the form
    "status[]<script>bad_code();</script>" would be printed directly to
    HTML, thus leading to a XSS vulnerability.
    davidhicks committed Nov 22, 2009
Commits on Sep 6, 2009
Commits on Jul 13, 2009
  1. Fix #10714: Fix session notice with verify.php

    This problem is a result of changes for issue #10187, where the session
    is no longer destroyed in order to play nice with other PHP
    applications.  However, the problem itself only manifests itself when a
    user that is already logged into mantis follows the verification link.
    Rather than forcefully restarting the session, the verification page now
    logs out the existing user and then does a header redirect to itself to
    allow the normal session init behavior to kick in.
    jreese committed Jul 13, 2009
Commits on Jul 6, 2009
Commits on Jun 28, 2009
  1. Fix #10264: any user could reset prefs for others

    This is a backport of f004926.
    There were no access checks done when resetting the preferences on an
    account. Thus it was possible for any logged in user (including
    anonymous users, if enabled) to reset the preferences for any Mantis
    davidhicks committed Jun 28, 2009
Commits on Jun 8, 2009
  1. Updating for 1.1.8 release.

    jreese committed Jun 8, 2009
  2. Fixes #10562: Printing Bug does not work with configuration = SIMPLE_…

    Signed-off-by: John Reese <>
    vboctor committed with jreese Jun 7, 2009
Commits on May 11, 2009
Commits on May 2, 2009
Commits on Apr 27, 2009
Commits on Apr 20, 2009
  1. Prepare for 1.1.7 release.

    jreese committed Apr 20, 2009
Commits on Apr 14, 2009
  1. fix for #10035: Custom multi-selection list fields don't allow

      - handle case where multi-select list is deselected
    thraxisp committed Apr 14, 2009
Commits on Apr 13, 2009
Commits on Apr 1, 2009
  1. Fix #10231: Can't change bugs from Assigned to New

    Put in a check so that an issue won't be auto-assigned if the Handler is updated but the Status is not.
    Signed-off-by: John Reese <>
    bwrightson committed with jreese Apr 1, 2009
Commits on Mar 30, 2009
  1. Fix #10187: Segment the PHP session via a unique key, so as to play n…

    …ice with neighboring apps.
    jreese committed Mar 30, 2009
Commits on Mar 28, 2009
  1. * remove unneeded leading space

    siebrand committed Mar 28, 2009
Commits on Mar 23, 2009
Commits on Mar 20, 2009
  1. fixed bug #10127: Real Name chosen matches another user's login name

      - username lookup is case insensitive in mysql
    thraxisp committed Mar 17, 2009
Commits on Mar 16, 2009
  1. fixed bug #6848: Bugs in manage_config_*_set.php

      based on patch by jiangxin
    thraxisp committed Mar 16, 2009
Commits on Feb 24, 2009
  1. fixed bug #10154: Custom field enum values are

      getting the first and last characters truncated
      when displayed.
       - note that leading and trailing bars may be present
          in the database for some entries
    thraxisp committed Feb 24, 2009
Commits on Feb 9, 2009
Commits on Jan 14, 2009
  1. Fix #8843, 10050: Permissions checks for timetracking.

    Signed-off-by: John Reese <>
    Daryn Warriner committed with jreese Apr 21, 2008