| CVE | Severity | Score | Score (2nd) | Age | Summary |
|---|---|---|---|---|---|
| CVE-2017-7615 | high | 8.8 | 9.8 | 9y ago | MantisBT allows arbitrary password reset |
| CVE-2026-44657 | high | — | 8.0 | 24d ago | Mantis Bug Tracker (MantisBT) is an open source issue tracker. Prior to 2.28.2, using show_inline=1 parameter and a valid file_show_inline_token CSRF token on file_download.php, an attacker can execu… |
| CVE-2026-44655 | high | — | 8.0 | 24d ago | Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it (which typically requires manager or administrator acces… |
| CVE-2026-42071 | high | — | 8.0 | 24d ago | Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user (REPORTER+) to… |
| CVE-2026-40607 | high | — | 8.0 | 24d ago | MantisBT is Vulnerable to Stored XSS in Saved-Filter Owner Column |
| CVE-2026-40597 | high | — | 8.0 | 24d ago | MantisBT has a Content Security Policy bypass via attachments |
| CVE-2026-40596 | high | — | 8.0 | 24d ago | MantisBT is Vulnerable to XSS leading to account takeover via updating a user's font family preference |
| CVE-2026-34463 | high | — | 8.0 | 24d ago | MantisBT is Vulnerable to Stored HTML Injection/XSS in Clone Issue Form |
| CVE-2017-7620 | medium | 6.5 | 7.5 | 9y ago | MantisBT vulnerable to CSRF and Open Redirect attacks |
| CVE-2017-12062 | medium | 6.1 | 6.1 | 9y ago | MantisBT vulnerable to XSS via unsanitized filter field in manage_user_page.php |
| CVE-2017-12061 | medium | 6.1 | 6.1 | 9y ago | MantisBT XSS allows unsanitized input via admin/install.php |
| CVE-2017-7897 | medium | 6.1 | 6.1 | 9y ago | MantisBT XSS via my_view_page.php and view_user_page.php |
| CVE-2026-42070 | medium | — | 5.5 | 24d ago | Mantis Bug Tracker (MantisBT) is an open source issue tracker. Prior to 2.28.2, the mc_issue_update() function in MantisBT allows users having update_bug_threshold access (UPDATER, with default setti… |
| CVE-2026-41897 | medium | — | 5.5 | 24d ago | Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.0.0 to 2.28.1, lack of validation of filter_target parameter on return_dynamic_filters.php (normally used as an AJAX in View Issu… |
| CVE-2026-40598 | medium | — | 5.5 | 24d ago | MantisBT has Potential Referer-Based Reflected HTML Injection / XSS in Tag Update Page |
| CVE-2026-34970 | medium | — | 5.5 | 24d ago | MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked |
| CVE-2026-34744 | medium | — | 5.5 | 24d ago | MantisBT has an authorization bypass that allows reading attachments after losing access to a private issue |
| CVE-2026-34579 | medium | — | 5.5 | 24d ago | MantisBT has an authorization bypass in private issue monitoring |
| CVE-2026-34390 | medium | — | 5.5 | 24d ago | MantisBT Vulnerable to Privilege Escalation from Manager to Administrator |
| CVE-2026-33052 | medium | — | 5.5 | 25d ago | MantisBT Has Authorization Bypass in Global Profile Creation |
| CVE-2026-39960 | medium | 5.4 | 5.4 | 24d ago | MantisBT is Vulnerable to Stored XSS in Custom Field Textarea Values |
| CVE-2017-7309 | medium | 4.8 | 4.8 | 9y ago | MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php |
| CVE-2017-7241 | medium | 4.8 | 4.8 | 9y ago | MantisBT XSS via move_attachments_page.php |
| CVE-2017-6973 | medium | 4.8 | 4.8 | 9y ago | MantisBT XSS via adm_config_report.php's action parameter |
| CVE-2016-7111 | medium | 4.7 | 4.7 | 9y ago | MantisBT XSS through weak CSP when using Gravatar plugin |
| CVE-2026-34754 | medium | 4.3 | 4.3 | 24d ago | MantisBT has an Authorization Bypass that Allows Uploading Attachments to Private Issues via REST API |