[MEDIUM] MantisBT vulnerable to CSRF and Open Redirect attacks

PKSA-vzxc-scpg-d56v CVE-2017-7620 GHSA-9x76-mp7r-2xc5

Affected package: mantisbt/mantisbt

Affected version: >=2.4.0,<2.4.1|>=2.0.0,<2.3.3|<1.3.11

Reported by:
GitHub