Vulnerabilities > Mantisbt

DATE CVE VULNERABILITY TITLE RISK
2023-12-11 CVE-2023-49802 Cross-site Scripting vulnerability in Mantisbt Linked Custom Fields 1.0/1.0.1/2.0.0
The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs.
network
low complexity
mantisbt CWE-79
6.1
2023-10-16 CVE-2023-44394 Exposure of Resource to Wrong Sphere vulnerability in Mantisbt
MantisBT is an open source bug tracker.
network
low complexity
mantisbt CWE-668
4.3
2023-02-23 CVE-2023-22476 Unspecified vulnerability in Mantisbt
Mantis Bug Tracker (MantisBT) is an open source issue tracker.
network
low complexity
mantisbt
4.3
2022-06-24 CVE-2022-33910 Cross-site Scripting vulnerability in Mantisbt
An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes.
network
mantisbt CWE-79
3.5
2022-05-04 CVE-2022-28508 Cross-site Scripting vulnerability in Mantisbt
An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2.
network
mantisbt CWE-79
4.3
2022-04-14 CVE-2021-43257 Improper Neutralization of Formula Elements in a CSV File vulnerability in Mantisbt
Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.
network
mantisbt CWE-1236
6.0
2022-04-13 CVE-2022-26144 Cross-site Scripting vulnerability in Mantisbt
An XSS issue was discovered in MantisBT before 2.25.3.
network
mantisbt CWE-79
4.3
2021-06-17 CVE-2021-33557 Cross-site Scripting vulnerability in Mantisbt
An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2.
network
mantisbt CWE-79
4.3
2021-03-07 CVE-2009-20001 Insufficient Session Expiration vulnerability in Mantisbt
An issue was discovered in MantisBT before 2.24.5.
network
low complexity
mantisbt CWE-613
5.5
2021-02-22 CVE-2020-35571 Cross-site Scripting vulnerability in Mantisbt
An issue was discovered in MantisBT through 2.24.3.
network
mantisbt CWE-79
4.3