5 matches found
CVE-2026-40596
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by updating their account's font family. Upon exploitation, an XSS payload would be reflected on every MantisBT page. Leveraging another vulnerability...
GHSA-J3V9-553H-X28J MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference
Any authenticated user can inject arbitrary HTML via updating their account's font family. Impact Cross-site scripting. The injected payload will be reflected in every MantisBT page. Leveraging another vulnerability CSP bypass, see GHSA-9c3j-xm6v-j7j3, the attacker could achieve account takeover...
MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference
Any authenticated user can inject arbitrary HTML via updating their account's font family. Impact Cross-site scripting. The injected payload will be reflected in every MantisBT page. Leveraging another vulnerability CSP bypass, see GHSA-9c3j-xm6v-j7j3, the attacker could achieve account takeover...
Cross-site Scripting (XSS)
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the font family preference update process. An attacker can execute arbitrary HTML or JavaScript in the context of another user's session by injecting malicious...
PT-2026-39881
Name of the Vulnerable Software and Affected Versions MantisBT affected versions not specified Description An authenticated user can inject arbitrary HTML by updating the font family of their account. This leads to cross-site scripting, where the injected payload is reflected on every page of the...