Security Advisories - mantisbt/mantisbt - Packagist

mantisbt/mantisbt Security Advisories for 2.7.1 (4)

[HIGH] MantisBT Host Header Injection vulnerability

PKSA-h79w-zb4t-bjtf CVE-2024-23830 GHSA-mcqj-7p29-9528

Affected version: <2.26.1

Reported by:
GitHub
[MEDIUM] MantisBT may disclose project names to unauthorized users

PKSA-v5jj-zbts-m2nv CVE-2023-44394 GHSA-v642-mh27-8j6m

Affected version: <=2.25.7

Reported by:
GitHub
[MEDIUM] MantisBT may expose private issues' summaries to unauthorized users

PKSA-dj4p-kydz-sr1n CVE-2023-22476 GHSA-hf4x-6h87-hm79

Affected version: <=2.25.5

Reported by:
GitHub
[MEDIUM] MantisBT HTML Injection vulnerability

PKSA-npkm-62tx-y9yj CVE-2020-25830 GHSA-2pm7-q8pc-xhvq

Affected version: <2.24.3

Reported by:
GitHub