Filtered by vendor Mantisbt
Subscriptions
Filtered by product Mantisbt
Subscriptions
Total
110 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25830 | 1 Mantisbt | 1 Mantisbt | 2024-08-04 | 4.8 Medium |
| An issue was discovered in MantisBT before 2.24.3. Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when attempting to update said custom field via bug_actiongroup_page.php. | ||||
| CVE-2020-25781 | 1 Mantisbt | 1 Mantisbt | 2024-08-04 | 4.3 Medium |
| An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly. | ||||
| CVE-2020-25288 | 1 Mantisbt | 1 Mantisbt | 2024-08-04 | 4.8 Medium |
| An issue was discovered in MantisBT before 2.24.3. When editing an Issue in a Project where a Custom Field with a crafted Regular Expression property is used, improper escaping of the corresponding form input's pattern attribute allows HTML injection and, if CSP settings permit, execution of arbitrary JavaScript. | ||||
| CVE-2020-16266 | 1 Mantisbt | 1 Mantisbt | 2024-08-04 | 5.4 Medium |
| An XSS issue was discovered in MantisBT before 2.24.2. Improper escaping on view_all_bug_page.php allows a remote attacker to inject arbitrary HTML into the page by saving it into a text Custom Field, leading to possible code execution in the browser of any user subsequently viewing the issue (if CSP settings allow it). | ||||
| CVE-2021-43257 | 1 Mantisbt | 1 Mantisbt | 2024-08-04 | 7.8 High |
| Lack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel. | ||||
| CVE-2021-33557 | 1 Mantisbt | 1 Mantisbt | 2024-08-03 | 6.1 Medium |
| An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field. | ||||
| CVE-2022-33910 | 1 Mantisbt | 1 Mantisbt | 2024-08-03 | 5.4 Medium |
| An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute. | ||||
| CVE-2022-28508 | 1 Mantisbt | 1 Mantisbt | 2024-08-03 | 6.1 Medium |
| An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field. | ||||
| CVE-2022-26144 | 1 Mantisbt | 1 Mantisbt | 2024-08-03 | 6.1 Medium |
| An XSS issue was discovered in MantisBT before 2.25.3. Improper escaping of a Plugin name allows execution of arbitrary code (if CSP allows it) in manage_plugin_page.php and manage_plugin_uninstall.php when a crafted plugin is installed. | ||||
| CVE-2023-22476 | 1 Mantisbt | 1 Mantisbt | 2024-08-02 | 4.3 Medium |
| Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access to the _Summary_ field of private Issues (i.e. having Private view status, or belonging to a private Project) via a crafted `bug_arr[]` parameter in *bug_actiongroup_ext.php*. This issue is fixed in version 2.25.6. There are no workarounds. | ||||