MantisBT 1.2.2 is a security update for the stable 1.2.x branch. All installations that are currently running any 1.2.x version are advised to upgrade to this release.
Issue #11952 covers a security fix to the display of inline attachments, where “Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks”. See http://www.mantisbt.org/bugs/view.php?id=11952 for further details and information.
Also included with 1.2.2 are a range of translation updates, regression fixes, and bug fixes, including multiple SOAP API-related bugs and regressions.
The release changelog can be found at:
It can be downloaded at: