Lucene search
+L

430 matches found

CVE
CVE
added 2026/05/19 9:57 p.m.19 views

CVE-2026-34463

CVE-2026-34463 affects MantisBT prior to 2.28.2. When cloning an issue from a different project, the clone form (bug_report_page.php) prepends the source project name before the category selector without proper escaping, allowing stored HTML injection (XSS) if an attacker can set the project name...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/19 9:57 p.m.8 views

CVE-2026-34463 MantisBT has Stored HTML Injection/XSS via Clone Issue Form

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 9:57 p.m.27 views

CVE-2026-34463 MantisBT has Stored HTML Injection/XSS via Clone Issue Form

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...

8.6CVSS0.00444EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/19 9:57 p.m.12 views

EUVD-2026-30998

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/19 9:54 p.m.8 views

CVE-2026-34390 MantisBT: Privilege Escalation from Manager to Administrator

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior have a Privilege Escalation vulnerability where insufficient access control checks in ProjectUsersAddCommand manageprojuseradd.php allow users having manageprojectthreshold access level manager by default to...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References4
CVE
CVE
added 2026/05/19 9:54 p.m.19 views

CVE-2026-34390

MantisBT before 2.28.2 is affected by a Privilege Escalation in ProjectUsersAddCommand (manage_proj_user_add.php). A user with manage_project_threshold (default manager) can forge a higher access_level value and grant project-level administrator rights to any user within a project they manage, by...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/19 9:54 p.m.9 views

CVE-2026-34390

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior have a Privilege Escalation vulnerability where insufficient access control checks in ProjectUsersAddCommand manageprojuseradd.php allow users having manageprojectthreshold access level manager by default to...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/05/19 9:54 p.m.12 views

EUVD-2026-30994

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior have a Privilege Escalation vulnerability where insufficient access control checks in ProjectUsersAddCommand manageprojuseradd.php allow users having manageprojectthreshold access level manager by default to...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References4
OSV
OSV
added 2026/05/19 9:54 p.m.2 views

CVE-2026-34390 MantisBT: Privilege Escalation from Manager to Administrator

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior have a Privilege Escalation vulnerability where insufficient access control checks in ProjectUsersAddCommand manageprojuseradd.php allow users having manageprojectthreshold access level manager by default to...

5.1CVSS5.9AI score0.00427EPSS
Exploits0References6
NVD
NVD
added 2026/05/19 2:16 a.m.20 views

CVE-2026-33052

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "addprofilethreshold" permission to create a global profile despite not having manageglobalprofilethreshold, by tampering with the userid parameter in a...

5.3CVSS0.0034EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/19 12:29 a.m.45 views

CVE-2026-33052 MantisBT: Authorization Bypass in Global Profile Creation

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "addprofilethreshold" permission to create a global profile despite not having manageglobalprofilethreshold, by tampering with the userid parameter in a...

5.3CVSS0.0034EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/19 12:29 a.m.7 views

CVE-2026-33052

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "addprofilethreshold" permission to create a global profile despite not having manageglobalprofilethreshold, by tampering with the userid parameter in a...

5.3CVSS5.7AI score0.0034EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/19 12:29 a.m.14 views

EUVD-2026-30820

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.0 and 2.28.1 allow a low-privileged authenticated user assigned the "addprofilethreshold" permission to create a global profile despite not having manageglobalprofilethreshold, by tampering with the userid parameter in a...

5.3CVSS5.7AI score0.0034EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability occurred when cloning issues from other projects, where the clone form added the source project...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mantis Bug Tracker 访问控制错误漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a access control vulnerability. This vulnerability stemmed from insufficient access control checks in the ProjectUsersAddCommand, allowing users...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.15 views

Mantis Bug Tracker 信息泄露漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a vulnerability related to information leakage. This vulnerability stemmed from allowing users to list and download attachments that they had...

5.3CVSS5.8AI score0.00362EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mantis Bug Tracker 信息泄露漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a vulnerability related to information leakage. This vulnerability occurred due to the use of a custom POST request through the private issue...

5.3CVSS5.8AI score0.00363EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.14 views

MantisBT 2.11.0 < 2.28.2 Font Family Preference XSS (GHSA-j3v9-553h-x28j)

The version of MantisBT installed on the remote host is 2.11.0 or later but prior to 2.28.2. It is, therefore, affected by a vulnerability: - MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference. CVE-2026-40596 Note that Nessus has not tested for...

7.2CVSS5.8AI score0.00424EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:40 p.m.12 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the filedownload.php process when the showinline=1 parameter and a valid fileshowinlinetoken CSRF token are provided. An attacker can execute arbitrary JavaScript co...

7.5CVSS5.8AI score0.00349EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/11 7:40 p.m.12 views

MantisBT Vulnerable to Stored XSS in File Download

Using showinline=1 parameter and a valid fileshowinlinetoken CSRF token on filedownload.php, an attacker can execute code by uploading a crafted XHTML attachment referencing a JavaScript attachment. Impact Cross-site scripting Patches - 26647b2e68ba30b9d7987d4e03d7a16416684bc2 Workarounds None...

7.5CVSS6AI score0.00349EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder