mantisbt/mantisbt Security Advisories (65)
-
[HIGH] MantisBT Vulnerable to Stored XSS in File Download
PKSA-2yw5-k1t7-1bg1 CVE-2026-44657 GHSA-p6fr-rxq7-xcg8
Affected version: <=2.28.1
Reported by:
GitHub -
[HIGH] MantisBT has Stored XSS on Move Attachments Admin Page
PKSA-x2q4-xdvd-5bhg CVE-2026-44655 GHSA-7mqj-8gj2-cg59
Affected version: >=1.3.0,<=2.28.1
Reported by:
GitHub -
[HIGH] MantisBT has a Private Bugnote Attachment Content Leak via REST API
PKSA-d3fh-4w7k-rvy1 CVE-2026-42071 GHSA-pw5x-2mf9-3xc8
Affected version: >=2.23.0,<=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT: Authorization Bypass in Bugnote Editing via Issue Update API
PKSA-67ww-bjf6-fqgz CVE-2026-42070 GHSA-pq86-j2c2-47f6
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT is Vulnerable to Reflected XSS in Rendering Dynamic Custom Textarea Field
PKSA-p4dp-frh9-2khv CVE-2026-41897 GHSA-j7v9-f46r-2rp4
Affected version: >=1.0.0,<2.28.2
Reported by:
GitHub -
[HIGH] MantisBT is Vulnerable to Stored XSS in Saved-Filter Owner Column
PKSA-j9zz-q8wb-jgsg CVE-2026-40607 GHSA-f633-865q-2mhh
Affected version: >=2.1.0,<=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT has Potential Referer-Based Reflected HTML Injection / XSS in Tag Update Page
PKSA-gycx-g1kn-1tnd CVE-2026-40598 GHSA-6jh4-47v2-4g37
Affected version: <=2.28.1
Reported by:
GitHub -
[HIGH] MantisBT has a Content Security Policy bypass via attachments
PKSA-vmj5-ycv9-cm2v CVE-2026-40597 GHSA-9c3j-xm6v-j7j3
Affected version: <=2.28.1
Reported by:
GitHub -
[HIGH] MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference
PKSA-gt1y-4mwq-1fky CVE-2026-40596 GHSA-j3v9-553h-x28j
Affected version: >=2.11.0,<=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT is Vulnerable to Stored XSS in Custom Field Textarea Values
PKSA-vqsr-dxg3-8yzy CVE-2026-39960 GHSA-qj6w-v29q-4rgx
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
PKSA-r5kj-njzm-rsnd CVE-2026-34970 GHSA-crmx-4p49-46m2
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT has an Authorization Bypass that Allows Uploading Attachments to Private Issues via REST API
PKSA-vg9w-dq6n-8d9w CVE-2026-34754 GHSA-h4x5-gvx6-3rwc
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT has an authorization bypass that allows reading attachments after losing access to a private issue
PKSA-mqx4-yq62-zbx3 CVE-2026-34744 GHSA-rmp5-5jj7-gmvf
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT has an authorization bypass in private issue monitoring
PKSA-wqq3-5hnc-g52v CVE-2026-34579 GHSA-ggw7-9675-6v4v
Affected version: >=2.26.1,<=2.28.1
Reported by:
GitHub -
[HIGH] MantisBT is Vulnerable to Stored HTML Injection/XSS in Clone Issue Form
PKSA-fybf-x73k-s1x5 CVE-2026-34463 GHSA-fvjf-68wh-rwp2
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT Vulnerable to Privilege Escalation from Manager to Administrator
PKSA-9b5m-7bg5-xjqr CVE-2026-34390 GHSA-frf7-jhp9-jxm6
Affected version: <=2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT Has Authorization Bypass in Global Profile Creation
PKSA-7hdg-8xc6-bhnt CVE-2026-33052 GHSA-68w5-w573-q2r8
Affected version: >=2.28.0,<2.28.2
Reported by:
GitHub -
[HIGH] MantisBT has Stored HTML Injection/XSS when displaying Tags in Timeline
PKSA-snjj-r5pw-fbgn CVE-2026-33548 GHSA-73vx-49mv-v8w5
Affected version: =2.28.0
Reported by:
GitHub -
[HIGH] MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation
PKSA-dcyg-8m67-cs7k CVE-2026-33517 GHSA-fh48-f69w-7vmp
Affected version: =2.28.0
Reported by:
GitHub -
[CRITICAL] MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL
PKSA-cwyv-kt56-ndf5 CVE-2026-30849 GHSA-phrq-pc6r-f6gh
Affected version: <2.28.1
Reported by:
GitHub -
[MEDIUM] MantisBT unauthorized disclosure of private project column configuration
PKSA-h3h3-9cvh-htmg CVE-2025-62520 GHSA-g582-8vwr-68h2
Affected version: <2.27.2
Reported by:
GitHub -
[MEDIUM] MantisBT lacks verification when changing a user's email address
PKSA-983m-gpx4-ywx3 CVE-2025-55155 GHSA-q747-c74m-69pr
Affected version: <2.27.2
Reported by:
GitHub -
[MEDIUM] MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length
PKSA-r8rw-8k4b-bvgz CVE-2025-46556 GHSA-r3jf-hm7q-qfw5
Affected version: <2.27.2
Reported by:
GitHub -
[HIGH] MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling
PKSA-gxs3-7yhj-kxf3 CVE-2025-47776 GHSA-4v8w-gg5j-ph37
Affected version: <2.27.2
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to information disclosure with user profiles
PKSA-9rc9-dxmv-6ty7 CVE-2024-45792 GHSA-h5q3-fjp4-2x7r
Affected version: <=2.26.3
Reported by:
GitHub -
[MEDIUM] Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting
PKSA-s5w7-qrwt-4ggd CVE-2024-34081 GHSA-wgx7-jp56-65mq
Affected version: <2.26.2
Reported by:
GitHub -
[MEDIUM] MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor
PKSA-sqwp-pr85-66jc CVE-2024-34080 GHSA-99jc-wqmr-ff2q
Affected version: <2.26.2
Reported by:
GitHub -
[HIGH] Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process
PKSA-vn99-1c14-x82z CVE-2024-34077 GHSA-93x3-m7pw-ppqm
Affected version: <=2.26.1
Reported by:
GitHub -
[HIGH] MantisBT Host Header Injection vulnerability
PKSA-h79w-zb4t-bjtf CVE-2024-23830 GHSA-mcqj-7p29-9528
Affected version: <2.26.1
Reported by:
GitHub -
[MEDIUM] MantisBT may disclose project names to unauthorized users
PKSA-v5jj-zbts-m2nv CVE-2023-44394 GHSA-v642-mh27-8j6m
Affected version: <=2.25.7
Reported by:
GitHub -
[MEDIUM] MantisBT may expose private issues' summaries to unauthorized users
PKSA-dj4p-kydz-sr1n CVE-2023-22476 GHSA-hf4x-6h87-hm79
Affected version: <=2.25.5
Reported by:
GitHub -
[MEDIUM] MantisBT XSS through crafted SVG documents in file_download.php
PKSA-4vhk-bvmc-ws85 CVE-2022-33910 GHSA-qghg-v7xv-q98q
Affected version: <2.25.5
Reported by:
GitHub -
[MEDIUM] MantisBT allows XSS in manage_custom_field_edit_page.php
PKSA-db2k-fbvq-zkwt CVE-2021-33557 GHSA-52cx-vphc-jmjm
Affected version: <=2.25.1
Reported by:
GitHub -
[MEDIUM] MantisBT XSS in manage_custom_field_update.php
PKSA-3369-tnqk-b63p CVE-2020-35571 GHSA-cvrm-cr3m-qj92
Affected version: <=2.24.5
Reported by:
GitHub -
[MEDIUM] MantisBT Incorrect Authorization in bug_actiongroup_page.php
PKSA-q6mz-3mgn-h2jn CVE-2020-29605 GHSA-pgg9-mmcg-8mxp
Affected version: <2.24.4
Reported by:
GitHub -
[MEDIUM] MantisBT Missing Authorization access check in bug_actiongroup.php
PKSA-5kvg-vtwr-36w9 CVE-2020-29604 GHSA-f38c-wxp6-8xjv
Affected version: <2.24.4
Reported by:
GitHub -
[MEDIUM] MantisBT Insecure Storage in manage_proj_edit_page.php
PKSA-h55j-9sr9-tms2 CVE-2020-29603 GHSA-qpj5-f88q-x7px
Affected version: <2.24.4
Reported by:
GitHub -
[HIGH] MantisBT Incorrect Authorization for bug_revision_view_page.php check
PKSA-v1ky-5hzd-xnnv CVE-2020-35849 GHSA-7j8m-fm49-xgmg
Affected version: <=2.24.3
Reported by:
GitHub -
[MEDIUM] MantisBT SQL Injection via mc_project_get_users function
PKSA-hcc7-ghdp-n96c CVE-2020-28413 GHSA-49w9-82cj-xr48
Affected version: <=2.24.3
Reported by:
GitHub -
[MEDIUM] MantisBT HTML Injection vulnerability
PKSA-npkm-62tx-y9yj CVE-2020-25830 GHSA-2pm7-q8pc-xhvq
Affected version: <2.24.3
Reported by:
GitHub -
[MEDIUM] MantisBT unauthorized users able to access private files
PKSA-z1yw-jjvh-1vjz CVE-2020-25781 GHSA-xjmx-cprh-646r
Affected version: <2.24.3
Reported by:
GitHub -
[MEDIUM] MantisBT XXS where a Custom Field with a crafted Regular Expression property is used
PKSA-wgv3-hzy8-1dcy CVE-2020-25288 GHSA-qgrr-f26j-87vf
Affected version: >=2.23.0,<2.24.3
Reported by:
GitHub -
[MEDIUM] MantisBT XSS issue on the view_all_bug_page.php
PKSA-vrvq-4npk-d9fr CVE-2020-16266 GHSA-4rrc-5vp6-m3f6
Affected version: >=2.1.0,<=2.24.1
Reported by:
GitHub -
[MEDIUM] MantisBT XSS when uploading an attachment
PKSA-srf3-2rxv-55nf CVE-2019-15539 GHSA-p495-jrpq-p66g
Affected version: <2.21.3
Reported by:
GitHub -
[HIGH] MantisBT Remote Code Execution
PKSA-3qzp-r9gn-kn2n CVE-2019-15715 GHSA-v23g-wjvq-2fpf
Affected version: >=2.0.0,<2.22.1|<1.3.20
Reported by:
GitHub -
[MEDIUM] MantisBT allows cross-site scripting (XSS) via crafted filename
PKSA-t8wp-pwhj-pycz CVE-2019-15074 GHSA-gg4j-279j-22ph
Affected version: <2.21.2
Reported by:
GitHub -
[MEDIUM] MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO
PKSA-pww2-64c1-ygv6 CVE-2018-16514 GHSA-3qv7-98vm-xx2v
Affected version: >=2.1.0,<=2.17.0
Reported by:
GitHub -
[MEDIUM] MantisBT XSS through weak CSP when using Gravatar plugin
PKSA-hbgw-6kfd-yvsm CVE-2016-7111 GHSA-8vx9-hcvq-gfv8
Affected version: =2.0.0-beta.1|<=1.3.0
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to CSRF and Open Redirect attacks
PKSA-vzxc-scpg-d56v CVE-2017-7620 GHSA-9x76-mp7r-2xc5
Affected version: >=2.4.0,<2.4.1|>=2.0.0,<2.3.3|<1.3.11
Reported by:
GitHub -
[MEDIUM] MantisBT XSS via my_view_page.php and view_user_page.php
PKSA-6jq2-5wz7-nk7m CVE-2017-7897 GHSA-8r2m-qhff-jm2c
Affected version: >=2.3.0,<2.3.2
Reported by:
GitHub -
[MEDIUM] MantisBT XSS via adm_config_report.php's action parameter
PKSA-jhf5-zpwn-9fxv CVE-2017-6973 GHSA-v7qf-22rw-chph
Affected version: >=2.2.0,<2.2.2|>=2.0.0,<2.1.2|<1.3.8
Reported by:
GitHub -
[MEDIUM] MantisBT XSS via move_attachments_page.php
PKSA-f32t-gmk7-tryx CVE-2017-7241 GHSA-x53v-v9xp-gf6g
Affected version: >=2.2.0,<2.2.3|>=2.0.0,<2.1.3|<1.3.9
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php
PKSA-gqfr-rmr1-1ny9 CVE-2017-7309 GHSA-4w6c-3hcx-rfj5
Affected version: >=2.2.0,<2.2.3|>=2.1.0,<2.1.3|<1.3.9
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to XSS via unsanitized filter field in manage_user_page.php
PKSA-qngb-ngzb-h8pd CVE-2017-12062 GHSA-w93w-rx52-24qh
Affected version: >=2.0.0,<2.5.2
Reported by:
GitHub -
[MEDIUM] MantisBT allows XSS on the Edit Filter page via crafted filter name
PKSA-f7dn-qqzp-jcy3 CVE-2018-14504 GHSA-74gh-5j33-vg4w
Affected version: >=2.0.0,<=2.15.0
Reported by:
GitHub -
[MEDIUM] MantisBT allows XSS via View Filters page
PKSA-rxy9-sws1-6g27 CVE-2018-13055 GHSA-mjp7-97w4-jwhc
Affected version: >=2.1.0,<2.15.1
Reported by:
GitHub -
[LOW] MantisBT Cross-site Scripting vulnerability
PKSA-zjxq-cctn-qfz3 CVE-2010-2574 GHSA-74x7-mfvg-h2wf
Affected version: <=1.2.2
Reported by:
GitHub -
[MEDIUM] MantisBT allows XSS via Edit Filter page
PKSA-vf3d-9f8w-jvx8 CVE-2018-17783 GHSA-gcqw-45xq-xc63
Affected version: >=2.1.0,<2.17.2
Reported by:
GitHub -
[MEDIUM] MantisBT allows XSS via the Manage Filter page
PKSA-xm38-hkqg-mfk8 CVE-2018-17782 GHSA-ggjm-7m5f-7xjv
Affected version: >=2.1.0,<2.17.2
Reported by:
GitHub -
[HIGH] MantisBT allows arbitrary password reset
PKSA-g674-s94j-gf23 CVE-2017-7615 GHSA-252r-f55f-ff34
Affected version: >=2.3.0,<2.3.1|>=2.0.0,<2.2.4|>=1.3.0-rc.2,<1.3.10
Reported by:
GitHub -
[MEDIUM] MantisBT XSS allows unsanitized input via admin/install.php
PKSA-jkwp-98ww-jt8z CVE-2017-12061 GHSA-98xr-mmq5-vc5h
Affected version: >=2.0.0,<2.5.2|<=1.3.11
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to XSS via unescaped output in browser_search_plugin.php
PKSA-q51k-ffgd-45fg CVE-2022-28508 GHSA-wfg2-2wmw-6894
Affected version: <=2.25.2
Reported by:
GitHub -
[HIGH] MantisBT Insufficient Session Expiration cookie string not reset after logout
PKSA-45gx-2q1r-69kb CVE-2009-20001 GHSA-jm72-67rm-763j
Affected version: <=2.24.4
Reported by:
GitHub -
[HIGH] MantisBT CSV Injection unprivileged user access in csv_export.php
PKSA-666f-jmzg-3cj8 CVE-2021-43257 GHSA-rg8f-5p7x-m6wv
Affected version: <=2.25.2
Reported by:
GitHub -
[MEDIUM] MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php
PKSA-9cw5-6275-ghwx CVE-2022-26144 GHSA-rqgj-rqfr-5j6f
Affected version: <=2.25.2
Reported by:
GitHub