CVE-2026-42071
- EPSS 0.26%
- Veröffentlicht 28.05.2026 20:29:20
- Zuletzt bearbeitet 29.05.2026 15:11:03
Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user (REPORTER+) to download attachments on private bugnotes they shou...
CVE-2026-42070
- EPSS 0.26%
- Veröffentlicht 28.05.2026 20:28:20
- Zuletzt bearbeitet 29.05.2026 15:11:03
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Prior to 2.28.2, the mc_issue_update() function in MantisBT allows users having update_bug_threshold access (UPDATER, with default settings) to edit, change view state, and modify time tr...
CVE-2026-44655
- EPSS 0.3%
- Veröffentlicht 28.05.2026 20:27:02
- Zuletzt bearbeitet 29.05.2026 15:11:03
Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it (which typically requires manager or administrator access level) to inject HTML in Move Attachments admin p...
CVE-2026-41897
- EPSS 0.28%
- Veröffentlicht 28.05.2026 20:26:24
- Zuletzt bearbeitet 29.05.2026 15:11:03
Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filter_target parameter on return_dynamic_filters.php (normally used as an AJAX in View Issues Page) allows an attacker to inject arbitrary HTM...
CVE-2026-44657
- EPSS 0.35%
- Veröffentlicht 28.05.2026 20:25:26
- Zuletzt bearbeitet 29.05.2026 15:11:03
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Prior to 2.28.2, using show_inline=1 parameter and a valid file_show_inline_token CSRF token on file_download.php, an attacker can execute code by uploading a crafted XHTML attachment ref...
CVE-2026-40607
- EPSS 0.42%
- Veröffentlicht 22.05.2026 19:39:13
- Zuletzt bearbeitet 22.05.2026 19:39:13
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.11.0 through 2.28.1, a Stored XSS vulnerability is caused by incorrect escaping of a saved filter's owner, allowing an attacker to inject arbitrary HTML on systems where $g_...
CVE-2026-40598
- EPSS 0.45%
- Veröffentlicht 22.05.2026 19:32:35
- Zuletzt bearbeitet 22.05.2026 19:32:35
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, improper escaping of the redirection page (retrieved from the request's Referer header) allows an attacker to inject HTML. While this is generally not direct...
CVE-2026-40597
- EPSS 0.5%
- Veröffentlicht 22.05.2026 19:29:46
- Zuletzt bearbeitet 22.05.2026 19:29:46
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's script-src directive by uploading a crafted a...
CVE-2026-40596
- EPSS 0.42%
- Veröffentlicht 22.05.2026 19:25:32
- Zuletzt bearbeitet 22.05.2026 19:25:32
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by updating their account's font family. Upon exploitation, an XSS payload would be reflected on every...
CVE-2026-39960
- EPSS 0.23%
- Veröffentlicht 20.05.2026 21:11:02
- Zuletzt bearbeitet 21.05.2026 16:04:53
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and below contain flawed logic that causes improper escaping of a textarea custom field's contents in the Update Issue page, (bug_update_page.php) allowing an attacker to ...