FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

mantis -- multiple vulnerabilities

Affected packages
mantis-php71 < 2.22.1,1
mantis-php72 < 2.22.1,1
mantis-php73 < 2.22.1,1
mantis-php74 < 2.22.1,1


VuXML ID 81fcc2f9-e15a-11e9-abbf-800dd28b22bd
Discovery 2019-08-28
Entry 2019-09-27

The Mantis developers report:

CVE-2019-15715: [Admin Required - Post Authentication] Command Execution / Injection Vulnerability

CVE-2019-8331: In Bootstrap before 3.4.1, XSS is possible in the tooltip or popover data-template attribute

Missing integrity hashes for CSS resources from CDNs


CVE Name CVE-2019-15715
CVE Name CVE-2019-8331