414 matches found
CVE-2026-30849
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of an improper type checking on the password parameter. Other database backends are not...
CVE-2026-33517
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, when deleting a Tag tagdelete.php, improper escaping of its name when displaying the confirmation message allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Versi...
CVE-2026-33548
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
EUVD-2026-14525
MantisBT has Stored HTML Injection/XSS when displaying Tags in Timeline...
EUVD-2026-14523
MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation...
GHSA-FH48-F69W-7VMP MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation
Improper escaping of Tag name when deleting it in tagdelete.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Impact Cross-site scripting XSS. Patches 80990f43153167c73f11eb4b2bc7108d0c3d6b46 Workarounds Revert commit...
Cross-site Scripting (XSS)
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper escaping of tag names retrieved from History in the Timeline. An attacker can execute arbitrary HTML or JavaScript code in the context of the affected...
Cross-site Scripting (XSS)
Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Tag Delete Confirmation. An attacker can execute arbitrary JavaScript in the application's context by injecting malicious HTML into the tag name, which is then...
EUVD-2026-14516
MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL...
GHSA-PHRQ-PC6R-F6GH MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL
Mantis Bug Tracker instances running on MySQL and compatible databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter. Other database backends are not affected, as they do not perform implicit type conversion...
MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL
Mantis Bug Tracker instances running on MySQL and compatible databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter. Other database backends are not affected, as they do not perform implicit type conversion...
CVE-2026-33517
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, when deleting a Tag tagdelete.php, improper escaping of its name when displaying the confirmation message allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Versi...
CVE-2026-33548
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
CVE-2026-30849
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of an improper type checking on the password parameter. Other database backends are not...
CVE-2026-33548
MantisBT 2.28.0 is vulnerable to Stored HTML Injection / XSS when rendering tags in Timeline (Timeline view via my_view_page.php). Root cause: improper escaping of tag names retrieved from History in Timeline. Impact: if CSP permits, attacker could execute arbitrary JavaScript when displaying a r...
CVE-2026-33548
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
CVE-2026-33548 MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
CVE-2026-33517
The CVE-2026-33517 entry concerns MantisBT 2.28.0, where deleting a Tag (tag_delete.php) allows stored HTML injection due to improper escaping in the confirmation message. This can enable arbitrary JavaScript execution if CSP settings permit. The issue is fixed in version 2.28.1. Workarounds incl...
CVE-2026-33517
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, when deleting a Tag tagdelete.php, improper escaping of its name when displaying the confirmation message allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Versi...
CVE-2026-33517 MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, when deleting a Tag tagdelete.php, improper escaping of its name when displaying the confirmation message allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Versi...