Lucene search
K

3396 matches found

NVD
NVD
added 2026/05/28 9:16 p.m.15 views

CVE-2026-44655

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it which typically requires manager or administrator access level to inject HTML in Move Attachments admin page. This vulnerability is fixed in 2.28.2...

8.6CVSS0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 8:29 p.m.10 views

CVE-2026-42071 MantisBT: Private Bugnote Attachment Content Leak via REST API

Mantis Bug Tracker MantisBT is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user REPORTER+ to download attachments on private bugnotes they should not be able to access, via the REST API endpoint...

7.2CVSS5.8AI score0.0026EPSS
Exploits0References5
CVE
CVE
added 2026/05/28 8:29 p.m.27 views

CVE-2026-42071

Summary: CVE-2026-42071 affects MantisBT, specifically versions 2.23.0 through 2.28.1, where a missing authorization check in the file visibility function allows any authenticated user (REPORTER+) to download attachments from private bugnotes via REST API GET /api/rest/issues/{id}/files and SOAP ...

7.2CVSS5.8AI score0.0026EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:29 p.m.9 views

CVE-2026-42071

Mantis Bug Tracker MantisBT is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user REPORTER+ to download attachments on private bugnotes they should not be able to access, via the REST API endpoint...

7.2CVSS5.8AI score0.0026EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/28 8:27 p.m.11 views

CVE-2026-44655

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it which typically requires manager or administrator access level to inject HTML in Move Attachments admin page. This vulnerability is fixed in 2.28.2...

8.6CVSS5.8AI score0.00298EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/28 8:27 p.m.26 views

CVE-2026-44655 MantisBT: Stored XSS on Move Attachments Admin Page

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it which typically requires manager or administrator access level to inject HTML in Move Attachments admin page. This vulnerability is fixed in 2.28.2...

8.6CVSS0.00298EPSS
Exploits0References2
CVE
CVE
added 2026/05/28 8:27 p.m.15 views

CVE-2026-44655

Affected software: MantisBT (Mantis Bug Tracker). Vulnerable versions: 1.3.0–2.28.1. Component: Move Attachments admin page, where Unescaped Project Name can be set by users with manager/administrator access. Root cause: unescaped project name leads to HTML injection (stored XSS). Impact: stored ...

8.6CVSS5.8AI score0.00298EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/28 8:27 p.m.13 views

CVE-2026-44655 MantisBT: Stored XSS on Move Attachments Admin Page

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it which typically requires manager or administrator access level to inject HTML in Move Attachments admin page. This vulnerability is fixed in 2.28.2...

8.6CVSS5.8AI score0.00298EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/28 8:27 p.m.11 views

EUVD-2026-33025

Mantis Bug Tracker MantisBT is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it which typically requires manager or administrator access level to inject HTML in Move Attachments admin page. This vulnerability is fixed in 2.28.2...

8.6CVSS5.8AI score0.00298EPSS
Exploits0References2
NVD
NVD
added 2026/05/28 8:16 a.m.16 views

CVE-2026-7651

The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.5. This is due to missing...

5.3CVSS0.0035EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/28 6:45 a.m.9 views

CVE-2026-7651

The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.5. This is due to missing...

5.3CVSS5.9AI score0.0035EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.12 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker prior to 2.28.2 contained a cross-site scripting vulnerability. This vulnerability occurred when using the showinline=1 parameter and a valid CSRF token, allowing attackers to...

7.5CVSS5.8AI score0.00349EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.8 views

Mantis Bug Tracker(MantisBT) 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker from 1.3.0 to 2.28.1 contained a cross-site scripting vulnerability. This vulnerability occurred due to the lack of escaping of project names, allowing attackers with...

8.6CVSS5.6AI score0.00298EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.15 views

PT-2026-44204

The User Registration & Membership – Free & Paid Memberships, Subscriptions, Content Restriction, User Profile, Custom User Registration & Login Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.5. This is due to missing...

5.3CVSS5.9AI score0.0035EPSS
Exploits0References6
NVD
NVD
added 2026/05/27 6:16 p.m.19 views

CVE-2026-46426

Budibase is an open-source low-code platform. Prior to 3.38.2, the file upload endpoint POST /api/attachments/process does not enforce active-content restrictions for authenticated users. The checks for dangerous file extensions are conditionally wrapped inside if isPublicUser or if isPublicUser ...

7.6CVSS0.00175EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/27 2:37 p.m.13 views

EUVD-2026-32532

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...

9.4CVSS5.8AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

Webmin 跨站脚本漏洞

Webmin is a set of web-based system management tools for Unix-like operating systems, developed by the Webmin community. Versions of Webmin prior to 2.640 contained a cross-site scripting vulnerability. This vulnerability occurred when viewing SVG document attachments in the mailboxes component,...

6.1CVSS5.6AI score0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/27 12:0 a.m.12 views

PT-2026-44031

Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs in mailboxes/detachall.cgi...

9.4CVSS5.8AI score0.00303EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.13 views

CVE-2026-4915

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an authenticated user to cause a denial of service server process termination via a crafted webhook...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 7:49 p.m.36 views

CVE-2026-44844 eml_parser: Recursion DoS via nested message/rfc822 attachments

emlparser serves as a python module for parsing eml files and returning various information found in the e-mail as well as computed information. Prior to 3.0.1, EmlParser.getrawbodytext recurses unconditionally for every nested message/rfc822 attachment without any depth limit. An attacker who ca...

6.3CVSS0.00395EPSS
Exploits0References1
Rows per page
Query Builder