Mantisbt

119 vulnerabilities found.

Note: This list may be incomplete. Data is provided in its original format without warranty.
Exploit
  • EPSS 0.15%
  • Published 29.01.2021 07:15:17
  • Last modified 21.11.2024 05:24:18

An issue was discovered in MantisBT before 2.24.4. Due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can get access to the Summary fields of private Issues via bug_arr[]= in a crafted bug_actiongroup_page.ph...

Exploit
  • EPSS 2.42%
  • Published 30.12.2020 22:15:12
  • Last modified 21.11.2024 05:22:45

In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.

Exploit
  • EPSS 0.76%
  • Published 30.12.2020 19:15:13
  • Last modified 21.11.2024 05:28:18

An issue was discovered in MantisBT before 2.24.4. An incorrect access check in bug_revision_view_page.php allows an unprivileged attacker to view the Summary field of private issues, as well as bugnotes revisions, gaining access to potentially confi...

Exploit
  • EPSS 0.75%
  • Published 30.09.2020 21:15:13
  • Last modified 21.11.2024 05:17:52

An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection...

Exploit
  • EPSS 0.26%
  • Published 30.09.2020 21:15:13
  • Last modified 21.11.2024 05:18:45

An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL ...

Exploit
  • EPSS 0.6%
  • Published 30.09.2020 21:15:13
  • Last modified 21.11.2024 05:18:51

An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug...

Exploit
  • EPSS 0.27%
  • Published 12.08.2020 13:15:10
  • Last modified 21.11.2024 05:07:03

An XSS issue was discovered in MantisBT before 2.24.2. Improper escaping on view_all_bug_page.php allows a remote attacker to inject arbitrary HTML into the page by saving it into a text Custom Field, leading to possible code execution in the browser...

  • EPSS 0.52%
  • Published 19.03.2020 19:15:11
  • Last modified 21.11.2024 04:28:57

The proj_doc_edit_page.php Project Documentation feature in MantisBT before 2.21.3 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary code (if CSP settings permit it) after uploading an attachment with a crafted fi...

  • EPSS 0.45%
  • Published 09.11.2019 03:15:10
  • Last modified 21.11.2024 01:05:46

MantisBT 1.2.x before 1.2.2 insecurely handles attachments and MIME types. Arbitrary inline attachment rendering could lead to cross-domain scripting or other browser attacks.

  • EPSS 0.33%
  • Published 07.11.2019 23:15:10
  • Last modified 21.11.2024 01:50:26

An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".