CVE-2026-40598 MantisBT has Potential Referer-Based Reflected HTML Injection / XSS in Tag Update Page
Mantis Bug Tracker MantisBT is an open source issue tracker. In versions 2.28.1 and below, improper escaping of the redirection page retrieved from the request's Referer header allows an attacker to inject HTML. While this is generally not directly actionable as modern browsers will URL-encode...