[HIGH] MantisBT is Vulnerable to Stored XSS in Saved-Filter Owner Column

PKSA-j9zz-q8wb-jgsg CVE-2026-40607 GHSA-f633-865q-2mhh

Affected package: mantisbt/mantisbt

Affected version: >=2.1.0,<=2.28.1

Reported by:
GitHub