Mantis

Mantis, or MantisBT, has been around for more than a decade and has helped numerous projects keep track and then solve various issues.

It can be used for open source coding projects, enterprise closed-source apps, or even call centers that have nothing to do with coding applications.

There are a lot of features included with Mantis, ranging from statistics reporting, to email notifications and the ability to split projects into sub-projects.

There's also support for l10n setups, plugins, wikis, internal DMs, and a chat.

What is new in this release:

• 7 Cross-Site Scripting (XSS) issues
• 2 Code injection issues
• 2 SQL injection (XSS) issues
• 5 Information disclosure issues
• 7 Other security issues

What is new in version 1.2.19 / 1.3.0-beta.2:

• 7 Cross-Site Scripting (XSS) issues
• 2 Code injection issues
• 2 SQL injection (XSS) issues
• 5 Information disclosure issues
• 7 Other security issues

What is new in version 1.2.19 / 1.3.0-beta.1:

• 7 Cross-Site Scripting (XSS) issues
• 2 Code injection issues
• 2 SQL injection (XSS) issues
• 5 Information disclosure issues
• 7 Other security issues

What is new in version 1.2.17:

• A SQL injection vulnerability (CVE-2014-2238) in adm_config_report.php was patched.

What is new in version 1.2.15:

• Any malicious user could use the view issues page (search.php) to execute a filter that could bring down the site by overloading the database server (CVE-2013-1883). Affects MantisBT 1.2.12 and later.
• A cross site scripting (XSS) vulnerability allowed execution of arbitrary JavaScript code when deleting a version. Affects MantisBT 1.2.14 and later.

What is new in version 1.2.14:

• Improved Manage Configuration page (better performance, ability to filter and edit config options).
• Support for the built-in SOAP extension in addition to nusoap.
• Updated translations in many languages.

What is new in version 1.2.12:

• Filter page now allows 'OR' logic and to query by notes' authors.
• Improved e-mail logging.
• New 'EVENT_UPDATE_BUG_STATUS_FORM' plugin event.
• Updated Admin Guide.

What is new in version 1.2.11:

• This release contains numerous minor bug fixes to MantisBT and SOAP API fixes.

What is new in version 1.2.10:

• Manual is not packaged with 1.2.9 release.
• Include filename and line number in system notices and warnings.
• Logo is not present on new instalation.
• System notice in bug_check_workflow().
• Search with number > 2147483647 fails on 64-bit systems with PostgreSQL.
• Exporting Descriptions, Additional Information, etc. fails.
• German 'Umlaute' with closing question mark failed.
• Turn off 'save login' feature.
• Attaching multiple files in one go.

What is new in version 1.2.9:

• MantisBT 1.2.9 release delivers 92 fixes and improvements including security fixes, new MantisBT logo, MantisTouch integration, MS SQL fixes, SOAP API improvements, and others.

What is new in version 1.2.8:

• MantisBT 1.2.8 is a security update for the stable 1.2.x branch.

Requirements:

• PHP 5.2 or higher
• MySQL 4.1.1 or higher (MS SQL, DB2, and PostgreSQL are also supported)
• Apache or IIS