[MEDIUM] MantisBT allows cross-site scripting (XSS) via crafted filename

PKSA-t8wp-pwhj-pycz CVE-2019-15074 GHSA-gg4j-279j-22ph

Affected package: mantisbt/mantisbt

Affected version: <2.21.2

Reported by:
GitHub