[MEDIUM] MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO

PKSA-pww2-64c1-ygv6 CVE-2018-16514 GHSA-3qv7-98vm-xx2v

Affected package: mantisbt/mantisbt

Affected version: >=2.1.0,<=2.17.0

Reported by:
GitHub