Lucene search
K

414 matches found

CNNVD
CNNVD
added 2026/05/19 12:0 a.m.10 views

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability occurred when cloning issues from other projects, where the clone form added the source project...

8.6CVSS5.7AI score0.00444EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/19 12:0 a.m.11 views

Mantis Bug Tracker 访问控制错误漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier contained a access control vulnerability. This vulnerability stemmed from insufficient access control checks in the ProjectUsersAddCommand, allowing users...

5.1CVSS5.8AI score0.00427EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/18 12:0 a.m.14 views

MantisBT 2.11.0 < 2.28.2 Font Family Preference XSS (GHSA-j3v9-553h-x28j)

The version of MantisBT installed on the remote host is 2.11.0 or later but prior to 2.28.2. It is, therefore, affected by a vulnerability: - MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference. CVE-2026-40596 Note that Nessus has not tested for...

7.2CVSS5.8AI score0.00424EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 7:40 p.m.6 views

GHSA-P6FR-RXQ7-XCG8 MantisBT Vulnerable to Stored XSS in File Download

Using showinline=1 parameter and a valid fileshowinlinetoken CSRF token on filedownload.php, an attacker can execute code by uploading a crafted XHTML attachment referencing a JavaScript attachment. Impact Cross-site scripting Patches - 26647b2e68ba30b9d7987d4e03d7a16416684bc2 Workarounds None...

7.5CVSS6AI score0.00349EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/05/11 7:40 p.m.11 views

MantisBT Vulnerable to Stored XSS in File Download

Using showinline=1 parameter and a valid fileshowinlinetoken CSRF token on filedownload.php, an attacker can execute code by uploading a crafted XHTML attachment referencing a JavaScript attachment. Impact Cross-site scripting Patches - 26647b2e68ba30b9d7987d4e03d7a16416684bc2 Workarounds None...

7.5CVSS6AI score0.00349EPSS
Exploits0References6Affected Software1
Snyk
Snyk
added 2026/05/11 7:40 p.m.11 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the filedownload.php process when the showinline=1 parameter and a valid fileshowinlinetoken CSRF token are provided. An attacker can execute arbitrary JavaScript co...

7.5CVSS5.8AI score0.00349EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:40 p.m.8 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Move Attachments admin page when unescaped project names are rendered. An attacker can execute arbitrary scripts in the context of the affected application by...

8.6CVSS5.8AI score0.00298EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 7:39 p.m.7 views

GHSA-PQ86-J2C2-47F6 MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API

The mcissueupdate function in MantisBT allows users having updatebugthreshold access UPDATER, with default settings to edit, change view state, and modify time tracking on bugnotes belonging to other users — bypassing the default DEVELOPER level 55 threshold required by the dedicated...

5.3CVSS5.8AI score0.00258EPSS
Exploits0References6
Snyk
Snyk
added 2026/05/11 7:39 p.m.7 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the returndynamicfilters.php process when handling the filtertarget parameter. An attacker can execute arbitrary HTML or scripts in the context of a user's browser ...

5.4CVSS5.8AI score0.00281EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:35 p.m.7 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping in the owner column of saved filters when the configuration option $gshowuserrealname is enabled. An attacker can execute arbitrary HTML or...

7.5CVSS5.8AI score0.00419EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:35 p.m.7 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping of the redirection page retrieved from the Referer header. An attacker can execute arbitrary scripts in the context of the user's browser by...

6.9CVSS5.8AI score0.00447EPSS
Exploits0References2
OSV
OSV
added 2026/05/11 7:34 p.m.10 views

GHSA-9C3J-XM6V-J7J3 MantisBT has a Content Security Policy bypass via attachments

Given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's script-src directive by uploading a crafted attachment to any issue that, when accessed via the filedownload.php link, will be downloaded with a valid JavaScript MIME type resulting in...

7.6CVSS5.8AI score0.00498EPSS
Exploits0References5
Snyk
Snyk
added 2026/05/11 7:34 p.m.8 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the font family preference update process. An attacker can execute arbitrary HTML or JavaScript in the context of another user's session by injecting malicious...

7.9CVSS5.8AI score0.00424EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:34 p.m.9 views

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping of textarea custom field contents in the bugupdatepage.php process. An attacker can inject HTML and, if content security policy settings allow,...

5.4CVSS5.8AI score0.0023EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:33 p.m.3 views

Access Control Bypass

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Access Control Bypass in the REST API upload process. An attacker can upload attachments to private issues without proper authorization by leveraging authenticated access to endpoints they are...

5.3CVSS5.8AI score0.00248EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 7:32 p.m.8 views

Information Exposure

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Information Exposure in the attachment access process. An attacker can gain unauthorized access to attachments they previously uploaded by listing and downloading them from issues that have sin...

5.3CVSS5.8AI score0.00362EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/11 5:58 p.m.8 views

Authorization Bypass Through User-Controlled Key

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the userid parameter during the profile creation process. An attacker can gain unauthorized access to create global profiles by tampering wit...

5.3CVSS5.8AI score0.0034EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39890

Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description The mc issue update function allows users with update bug threshold access UPDATER to edit, change the view state, and modify time tracking on bugnotes belonging to other users...

5.3CVSS5.8AI score0.00258EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.17 views

PT-2026-39878

Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description An authenticated user can upload attachments to private issues that they are not authorized to access. Recommendations Update to version 2.28.2...

4.3CVSS5.8AI score0.00248EPSS
Exploits0References6
GithubExploit
GithubExploit
added 2026/04/20 7:59 p.m.84 views

mantis-exploit-patch

No d...

5.7AI score
Exploits0
Rows per page
Query Builder