3 matches found
PT-2026-39875
Name of the Vulnerable Software and Affected Versions Mantis Bug Tracker MantisBT versions prior to 2.28.2 Description A Stored Cross-Site Scripting XSS issue exists when cloning an issue from a project other than the current one. The clone form 'bug report page.php' prepends the source project...
CVE-2025-22606
CVE-2025-22606 describes a command-injection vulnerability in Coolify caused by unsafely handling project names in versions up to 4.0.0-beta.358 (likely earlier). An attacker with access to project management could inject arbitrary shell commands by including unescaped characters (e.g., a single ...
CVE-2022-3205
Cross site scripting in automation controller UI in Red Hat Ansible Automation Platform 1.2 and 2.0 where the project name is susceptible to XSS injection...