EUVD-2026-30998

Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form bugreportpage.php prepends the source Project name before the category selector...

Mantis Bug Tracker 跨站脚本漏洞

Mantis Bug Tracker MantisBT is an open-source bug tracker developed by Mantis Bug Tracker. Versions of Mantis Bug Tracker 2.28.1 and earlier had a cross-site scripting vulnerability. This vulnerability occurred when cloning issues from other projects, where the clone form added the source project...

Cross-site Scripting (XSS)

Overview mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the bugreportpage.php process when cloning an issue from a different project, due to improper escaping of the source project name. An attacker with sufficient...

PT-2025-25487 · Git +1 · Lucene

Name of the Vulnerable Software and Affected Versions: Apache Lucene affected versions not specified Description: The software experiences a security exception during the cloning process within the org.apache.lucene.util.AttributeImpl and org.apache.lucene.util.AttributeSource$State classes. The...