Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, allows remote attackers to inject arbitrary web script or HTML