Security Advisories - mantisbt/mantisbt

mantisbt/mantisbt Security Advisories for 2.19.1 (30)

[CRITICAL] MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL

PKSA-cwyv-kt56-ndf5 CVE-2026-30849 GHSA-phrq-pc6r-f6gh

Affected version: <2.28.1

Reported by:
GitHub
[MEDIUM] MantisBT unauthorized disclosure of private project column configuration

PKSA-h3h3-9cvh-htmg CVE-2025-62520 GHSA-g582-8vwr-68h2

Affected version: <2.27.2

Reported by:
GitHub
[MEDIUM] MantisBT lacks verification when changing a user's email address

PKSA-983m-gpx4-ywx3 CVE-2025-55155 GHSA-q747-c74m-69pr

Affected version: <2.27.2

Reported by:
GitHub
[MEDIUM] MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length

PKSA-r8rw-8k4b-bvgz CVE-2025-46556 GHSA-r3jf-hm7q-qfw5

Affected version: <2.27.2

Reported by:
GitHub
[HIGH] MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling

PKSA-gxs3-7yhj-kxf3 CVE-2025-47776 GHSA-4v8w-gg5j-ph37

Affected version: <2.27.2

Reported by:
GitHub
[MEDIUM] MantisBT vulnerable to information disclosure with user profiles

PKSA-9rc9-dxmv-6ty7 CVE-2024-45792 GHSA-h5q3-fjp4-2x7r

Affected version: <=2.26.3

Reported by:
GitHub
[MEDIUM] Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting

PKSA-s5w7-qrwt-4ggd CVE-2024-34081 GHSA-wgx7-jp56-65mq

Affected version: <2.26.2

Reported by:
GitHub
[MEDIUM] MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

PKSA-sqwp-pr85-66jc CVE-2024-34080 GHSA-99jc-wqmr-ff2q

Affected version: <2.26.2

Reported by:
GitHub
[HIGH] Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process

PKSA-vn99-1c14-x82z CVE-2024-34077 GHSA-93x3-m7pw-ppqm

Affected version: <=2.26.1

Reported by:
GitHub
[HIGH] MantisBT Host Header Injection vulnerability

PKSA-h79w-zb4t-bjtf CVE-2024-23830 GHSA-mcqj-7p29-9528

Affected version: <2.26.1

Reported by:
GitHub
[MEDIUM] MantisBT may disclose project names to unauthorized users

PKSA-v5jj-zbts-m2nv CVE-2023-44394 GHSA-v642-mh27-8j6m

Affected version: <=2.25.7

Reported by:
GitHub
[MEDIUM] MantisBT may expose private issues' summaries to unauthorized users

PKSA-dj4p-kydz-sr1n CVE-2023-22476 GHSA-hf4x-6h87-hm79

Affected version: <=2.25.5

Reported by:
GitHub
[MEDIUM] MantisBT XSS through crafted SVG documents in file_download.php

PKSA-4vhk-bvmc-ws85 CVE-2022-33910 GHSA-qghg-v7xv-q98q

Affected version: <2.25.5

Reported by:
GitHub
[MEDIUM] MantisBT allows XSS in manage_custom_field_edit_page.php

PKSA-db2k-fbvq-zkwt CVE-2021-33557 GHSA-52cx-vphc-jmjm

Affected version: <=2.25.1

Reported by:
GitHub
[MEDIUM] MantisBT XSS in manage_custom_field_update.php

PKSA-3369-tnqk-b63p CVE-2020-35571 GHSA-cvrm-cr3m-qj92

Affected version: <=2.24.5

Reported by:
GitHub
[MEDIUM] MantisBT Insecure Storage in manage_proj_edit_page.php

PKSA-h55j-9sr9-tms2 CVE-2020-29603 GHSA-qpj5-f88q-x7px

Affected version: <2.24.4

Reported by:
GitHub
[MEDIUM] MantisBT Incorrect Authorization in bug_actiongroup_page.php

PKSA-q6mz-3mgn-h2jn CVE-2020-29605 GHSA-pgg9-mmcg-8mxp

Affected version: <2.24.4

Reported by:
GitHub
[MEDIUM] MantisBT Missing Authorization access check in bug_actiongroup.php

PKSA-5kvg-vtwr-36w9 CVE-2020-29604 GHSA-f38c-wxp6-8xjv

Affected version: <2.24.4

Reported by:
GitHub
[HIGH] MantisBT Incorrect Authorization for bug_revision_view_page.php check

PKSA-v1ky-5hzd-xnnv CVE-2020-35849 GHSA-7j8m-fm49-xgmg

Affected version: <=2.24.3

Reported by:
GitHub
[MEDIUM] MantisBT SQL Injection via mc_project_get_users function

PKSA-hcc7-ghdp-n96c CVE-2020-28413 GHSA-49w9-82cj-xr48

Affected version: <=2.24.3

Reported by:
GitHub
[MEDIUM] MantisBT unauthorized users able to access private files

PKSA-z1yw-jjvh-1vjz CVE-2020-25781 GHSA-xjmx-cprh-646r

Affected version: <2.24.3

Reported by:
GitHub
[MEDIUM] MantisBT HTML Injection vulnerability

PKSA-npkm-62tx-y9yj CVE-2020-25830 GHSA-2pm7-q8pc-xhvq

Affected version: <2.24.3

Reported by:
GitHub
[MEDIUM] MantisBT XSS issue on the view_all_bug_page.php

PKSA-vrvq-4npk-d9fr CVE-2020-16266 GHSA-4rrc-5vp6-m3f6

Affected version: >=2.1.0,<=2.24.1

Reported by:
GitHub
[MEDIUM] MantisBT XSS when uploading an attachment

PKSA-srf3-2rxv-55nf CVE-2019-15539 GHSA-p495-jrpq-p66g

Affected version: <2.21.3

Reported by:
GitHub
[HIGH] MantisBT Remote Code Execution

PKSA-3qzp-r9gn-kn2n CVE-2019-15715 GHSA-v23g-wjvq-2fpf

Affected version: >=2.0.0,<2.22.1|<1.3.20

Reported by:
GitHub
[MEDIUM] MantisBT allows cross-site scripting (XSS) via crafted filename

PKSA-t8wp-pwhj-pycz CVE-2019-15074 GHSA-gg4j-279j-22ph

Affected version: <2.21.2

Reported by:
GitHub
[MEDIUM] MantisBT vulnerable to XSS via unescaped output in browser_search_plugin.php

PKSA-q51k-ffgd-45fg CVE-2022-28508 GHSA-wfg2-2wmw-6894

Affected version: <=2.25.2

Reported by:
GitHub
[HIGH] MantisBT Insufficient Session Expiration cookie string not reset after logout

PKSA-45gx-2q1r-69kb CVE-2009-20001 GHSA-jm72-67rm-763j

Affected version: <=2.24.4

Reported by:
GitHub
[HIGH] MantisBT CSV Injection unprivileged user access in csv_export.php

PKSA-666f-jmzg-3cj8 CVE-2021-43257 GHSA-rg8f-5p7x-m6wv

Affected version: <=2.25.2

Reported by:
GitHub
[MEDIUM] MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php

PKSA-9cw5-6275-ghwx CVE-2022-26144 GHSA-rqgj-rqfr-5j6f

Affected version: <=2.25.2

Reported by:
GitHub

mantisbt/mantisbt Security Advisories for 2.19.1 (30)

[CRITICAL] MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL

[MEDIUM] MantisBT unauthorized disclosure of private project column configuration

[MEDIUM] MantisBT lacks verification when changing a user's email address

[MEDIUM] MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length

[HIGH] MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling

[MEDIUM] MantisBT vulnerable to information disclosure with user profiles

[MEDIUM] Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting

[MEDIUM] MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

[HIGH] Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process

[HIGH] MantisBT Host Header Injection vulnerability

[MEDIUM] MantisBT may disclose project names to unauthorized users

[MEDIUM] MantisBT may expose private issues' summaries to unauthorized users

[MEDIUM] MantisBT XSS through crafted SVG documents in file_download.php

[MEDIUM] MantisBT allows XSS in manage_custom_field_edit_page.php

[MEDIUM] MantisBT XSS in manage_custom_field_update.php

[MEDIUM] MantisBT Insecure Storage in manage_proj_edit_page.php

[MEDIUM] MantisBT Incorrect Authorization in bug_actiongroup_page.php

[MEDIUM] MantisBT Missing Authorization access check in bug_actiongroup.php

[HIGH] MantisBT Incorrect Authorization for bug_revision_view_page.php check

[MEDIUM] MantisBT SQL Injection via mc_project_get_users function

[MEDIUM] MantisBT unauthorized users able to access private files

[MEDIUM] MantisBT HTML Injection vulnerability

[MEDIUM] MantisBT XSS issue on the view_all_bug_page.php

[MEDIUM] MantisBT XSS when uploading an attachment

[HIGH] MantisBT Remote Code Execution

[MEDIUM] MantisBT allows cross-site scripting (XSS) via crafted filename

[MEDIUM] MantisBT vulnerable to XSS via unescaped output in browser_search_plugin.php

[HIGH] MantisBT Insufficient Session Expiration cookie string not reset after logout

[HIGH] MantisBT CSV Injection unprivileged user access in csv_export.php

[MEDIUM] MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php