mantisbt - Change Log
Security and maintenance release, addressing 6 CVEs: an XSS issue, an SQL injection in the SOAP API and several information disclosure issues including a critical one allowing full access to private issues' contents. All installations are strongly advised to upgrade as soon as possible.
Many thanks to randomdhiraj, ethicalhcop and d3vpoo1 (https://gitlab.com/jrckmcsb), for identifying and responsibly reporting these security issues.
This release also includes a few PHP 8.0 compatibility fixes, including a major one causing an access denied error for all users when updating issues.