[MEDIUM] MantisBT Has Authorization Bypass in Global Profile Creation

PKSA-7hdg-8xc6-bhnt CVE-2026-33052 GHSA-68w5-w573-q2r8

Affected package: mantisbt/mantisbt

Affected version: >=2.28.0,<2.28.2

Reported by:
GitHub