Vulnerabilities > Mantisbt > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-11 | CVE-2023-49802 | Unspecified vulnerability in Mantisbt Linked Custom Fields 1.0/1.0.1/2.0.0 The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. | 6.1 |
| 2023-10-16 | CVE-2023-44394 | Exposure of Resource to Wrong Sphere vulnerability in Mantisbt MantisBT is an open source bug tracker. | 4.3 |
| 2023-02-23 | CVE-2023-22476 | Unspecified vulnerability in Mantisbt Mantis Bug Tracker (MantisBT) is an open source issue tracker. | 4.3 |
| 2022-06-24 | CVE-2022-33910 | Cross-site Scripting vulnerability in Mantisbt An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. | 5.4 |
| 2022-05-04 | CVE-2022-28508 | Cross-site Scripting vulnerability in Mantisbt An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. | 6.1 |
| 2022-04-13 | CVE-2022-26144 | Cross-site Scripting vulnerability in Mantisbt An XSS issue was discovered in MantisBT before 2.25.3. | 6.1 |
| 2021-06-17 | CVE-2021-33557 | Cross-site Scripting vulnerability in Mantisbt An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. | 6.1 |
| 2021-02-22 | CVE-2020-35571 | Cross-site Scripting vulnerability in Mantisbt An issue was discovered in MantisBT through 2.24.3. | 6.1 |
| 2021-01-29 | CVE-2020-29605 | Incorrect Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 4.3 |
| 2021-01-29 | CVE-2020-29604 | Missing Authorization vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.4. | 6.5 |