[HIGH] MantisBT has Stored XSS on Move Attachments Admin Page

PKSA-x2q4-xdvd-5bhg CVE-2026-44655 GHSA-7mqj-8gj2-cg59

Affected package: mantisbt/mantisbt

Affected version: >=1.3.0,<=2.28.1

Reported by:
GitHub