VYPR

Vendor: Mantisbt
Products: 4
CVEs: 171
Across products: 181
Status: Private
Recent CVEs (171)
  • CVE-2017-7615 | High | Apr 16, 2017
    risk 0.67 | cvss 8.8 | epss 0.91

    MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirm_hash value to verify.php.

  • CVE-2026-44655 | High | May 28, 2026
    risk 0.49 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 1.3.0 to 2.28.1, unescaped Project Name allows an attacker that can set it (which typically requires manager or administrator access level) to inject HTML in Move Attachments admin page. This vulnerability is…

  • CVE-2026-34463 | High | May 19, 2026
    risk 0.49 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form (bug_report_page.php) prepends the source Project name before…

  • CVE-2014-9624 | High | Sep 12, 2017
    risk 0.49 | cvss 7.5 | epss 0.03

    CAPTCHA bypass vulnerability in MantisBT before 1.2.19.

  • CVE-2026-44657 | High | May 28, 2026
    risk 0.42 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. Prior to 2.28.2, using show_inline=1 parameter and a valid file_show_inline_token CSRF token on file_download.php, an attacker can execute code by uploading a crafted XHTML attachment referencing a JavaScript…

  • CVE-2026-40607 | High | May 22, 2026
    risk 0.42 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.11.0 through 2.28.1, a Stored XSS vulnerability is caused by incorrect escaping of a saved filter's owner, allowing an attacker to inject arbitrary HTML on systems where $g_show_user_realname = ON. Note…

  • CVE-2026-40597 | High | May 22, 2026
    risk 0.42 | cvss n/a | epss 0.01

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, given any pre-existing XSS / HTML injection vulnerability, an attacker can bypass the Content Security Policy's script-src directive by uploading a crafted attachment to any issue that,…

  • CVE-2026-42071 | High | May 28, 2026
    risk 0.40 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. From 2.23.0 to 2.28.1, a missing authorization check in MantisBT's file visibility function allows any authenticated user (REPORTER+) to download attachments on private bugnotes they should not be able to access, via…

  • CVE-2026-40596 | High | May 22, 2026
    risk 0.40 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.11.0 through 2.28.1 allow any authenticated user to inject arbitrary HTML by updating their account's font family. Upon exploitation, an XSS payload would be reflected on every MantisBT page. Leveraging…

  • CVE-2018-16362 | Medium | Sep 2, 2018
    risk 0.40 | cvss 6.1 | epss 0.02

    An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting (XSS) vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code (if CSP settings permit it) via…

  • CVE-2015-2046 | Medium | Aug 28, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    Cross-site scripting (XSS) vulnerability in MantisBT 1.2.13 and later before 1.2.20.

  • CVE-2017-7222 | Medium | Mar 22, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    A cross-site scripting (XSS) vulnerability in MantisBT before 2.1.1 allows remote attackers to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by modifying 'window_title' in the application configuration. This requires privileged access to MantisBT…

  • CVE-2017-6958 | Medium | Mar 17, 2017
    risk 0.40 | cvss 6.1 | epss 0.01

    An XSS vulnerability in the MantisBT Source Integration Plugin (before 2.0.2) search result page allows an attacker to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter.

  • CVE-2017-6799 | Medium | Mar 10, 2017
    risk 0.40 | cvss 6.1 | epss 0.04

    A cross-site scripting (XSS) vulnerability in view_filters_page.php in MantisBT before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter.

  • CVE-2017-6797 | Medium | Mar 10, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    A cross-site scripting (XSS) vulnerability in bug_change_status_page.php in MantisBT before 1.3.7 and 2.x before 2.2.1 allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter.

  • CVE-2016-5364 | Medium | Feb 17, 2017
    risk 0.40 | cvss 6.1 | epss 0.02

    Cross-site scripting (XSS) vulnerability in manage_custom_field_edit_page.php in MantisBT 1.2.19 and earlier allows remote attackers to inject arbitrary web script or HTML via the return parameter.

  • CVE-2016-6837 | Medium | Jan 10, 2017
    risk 0.40 | cvss 6.1 | epss 0.04

    Cross-site scripting (XSS) vulnerability in MantisBT Filter API in MantisBT versions before 1.2.19, and versions 2.0.0-beta1, 1.3.0-beta1 allows remote attackers to inject arbitrary web script or HTML via the 'view_type' parameter.

  • CVE-2026-40598 | Medium | May 22, 2026
    risk 0.38 | cvss n/a | epss 0.00

    Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.28.1 and below, improper escaping of the redirection page (retrieved from the request's Referer header) allows an attacker to inject HTML. While this is generally not directly actionable as modern…

  • CVE-2017-7620 | Medium | May 21, 2017
    risk 0.38 | cvss 6.5 | epss 0.01

    MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary…

  • CVE-2014-9701 | Medium | Aug 9, 2017
    risk 0.35 | cvss 6.5 | epss 0.02

    Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.19 and 1.3.x before 1.3.0-beta.2 allows remote attackers to inject arbitrary web script or HTML via the url parameter to permalink_page.php.