mantisbt

Top products

The 15 most recently published vulnerabilities affecting mantisbt.

• CVE-2026-39960MantisBT is Vulnerable to Stored XSS through Custom Field Textarea Values5.4May 20, 2026
• CVE-2026-34754MantisBT allows unauthorized users to upload attachments to restricted issues via REST API4.3May 19, 2026
• CVE-2026-33548MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline6.1Mar 23, 2026
• CVE-2026-33517MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation6.1Mar 23, 2026
• CVE-2026-30849MantisBT SOAP API has an authentication bypass vulnerability on MySQL9.8Mar 23, 2026
• CVE-2025-62520MantisBT unauthorized disclosure of private project column configuration4.3Nov 4, 2025
• CVE-2025-55155MantisBT: Authentication bypass for some passwords due to PHP type juggling5.4Nov 4, 2025
• CVE-2025-47776MantisBT: Authentication bypass for some passwords due to PHP type juggling9.1Nov 4, 2025
• CVE-2025-46556MantisBT is Vulnerable to Denial-of-Service (DoS) attack via Excessive Note Length6.5Nov 4, 2025
• CVE-2024-45792MantisBT vulnerable to information disclosure with user profiles6.5Sep 30, 2024
• CVE-2024-34081MantisBT Cross-site Scripting vulnerability6.6May 13, 2024
• CVE-2024-34080MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor5.3May 13, 2024
• CVE-2024-34077MantisBT user account takeover in the signup/reset password process7.3May 13, 2024
• CVE-2024-23830MantisBT Host Header Injection vulnerability8.3Feb 20, 2024
• CVE-2023-49802MantisBT LinkedCustomFields Cross-site Scripting vulnerability6.7Dec 11, 2023