3 matches found
CVE-2026-39960
MantisBT (versions ≤ 2.28.1) is vulnerable to Stored XSS via improper escaping of a textarea custom field on the Update Issue page (bug_update_page.php). The flaw allows an attacker, authenticated with bug report permission, to inject HTML and potentially execute JavaScript when the page loads, e...
GHSA-QJ6W-V29Q-4RGX MantisBT is Vulnerable to Stored XSS in Custom Field Textarea Values
Improper escaping of a textarea custom field's contents in the Update Issue page bugupdatepage.php allows an attacker to inject HTML and, if CSP settings permit, execute arbitrary JavaScript when the page is loaded. Impact Session theft leading to admin account takeover, full project data access....
PT-2026-39880
Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description Flawed logic in the Update Issue page 'bug update page.php' causes improper escaping of textarea custom field contents. This allows an authenticated user with low-privilege bug...