Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mantisbt source integration vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2017-6958
An XSS vulnerability in the MantisBT Source Integration Plugin (prior to 2.0.2) search result page allows an malicious user to inject arbitrary HTML or JavaScript (if MantisBT's CSP settings permit it) by crafting any valid parameter.
Mantisbt Source Integration
445
VMScore
CVE-2020-36192
An issue exists in the Source Integration plugin prior to 2.4.1 for MantisBT. An attacker can gain access to the Summary field of private Issues (either marked as Private, or part of a private Project), if they are attached to an existing Changeset. The information is visible on ...
Mantisbt Source Integration
383
VMScore
CVE-2018-16362
An issue exists in the Source Integration plugin prior to 1.5.9 and 2.x prior to 2.1.5 for MantisBT. A cross-site scripting (XSS) vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code (if CSP settings permit it) via repo_manage_page.p...
Mantisbt Source Integration
383
VMScore
CVE-2020-8981
A cross-site scripting (XSS) vulnerability exists in the Source Integration plugin prior to 1.6.2 and 2.x prior to 2.3.1 for MantisBT. The repo_delete.php Delete Repository page allows execution of arbitrary code via a repo name (if CSP settings permit it). This is related to CVE...
Mantisbt Source Integration
NA
CVE-2023-44394
MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit `65c44883f` which has b...
Mantisbt Mantisbt
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started