Ecosyste.ms: Advisories

Browse Security Advisories

Security Advisories for mantisbt/mantisbt Clear Filters

Moderate

12 months ago

MantisBT vulnerable to information disclosure with user profiles GSA_kwCzR0hTQS1oNXEzLWZqcDQtMng3cs4AA_3z

packagist mantisbt/mantisbt

Moderate

over 1 year ago

Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting GSA_kwCzR0hTQS13Z3g3LWpwNTYtNjVtcc4AA74m

packagist mantisbt/mantisbt

Moderate

over 1 year ago

MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor GSA_kwCzR0hTQS05OWpjLXdxbXItZmYycc4AA74l

packagist mantisbt/mantisbt

High

over 1 year ago

Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process GSA_kwCzR0hTQS05M3gzLW03cHctcHBxbc4AA74k

packagist mantisbt/mantisbt

High

over 1 year ago

MantisBT Host Header Injection vulnerability GSA_kwCzR0hTQS1tY3FqLTdwMjktOTUyOM4AA5Zo

packagist mantisbt/mantisbt

Moderate

almost 2 years ago

MantisBT may disclose project names to unauthorized users GSA_kwCzR0hTQS12NjQyLW1oMjctOGo2bc4AA2gW

packagist mantisbt/mantisbt

Moderate

over 2 years ago

MantisBT may expose private issues' summaries to unauthorized users GSA_kwCzR0hTQS1oZjR4LTZoODctaG03Oc4AAxyU

packagist mantisbt/mantisbt

Moderate

about 3 years ago

MantisBT XSS through crafted SVG documents in file_download.php GSA_kwCzR0hTQS1xZ2hnLXY3eHYtcTk4cc4AAs9h

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows XSS in manage_custom_field_edit_page.php GSA_kwCzR0hTQS01MmN4LXZwaGMtam1qbc4AAo3i

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS in manage_custom_field_update.php GSA_kwCzR0hTQS1jdnJtLWNyM20tcWo5Ms4AAnol

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT Incorrect Authorization in bug_actiongroup_page.php GSA_kwCzR0hTQS1wZ2c5LW1tY2ctOG14cM4AAnYT

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT Insecure Storage in manage_proj_edit_page.php GSA_kwCzR0hTQS1xcGo1LWY4OHEteDdweM4AAnYM

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT Missing Authorization access check in bug_actiongroup.php GSA_kwCzR0hTQS1mMzhjLXd4cDYtOHhqds4AAnYF

packagist mantisbt/mantisbt

High

over 3 years ago

MantisBT Incorrect Authorization for bug_revision_view_page.php check GSA_kwCzR0hTQS03ajhtLWZtNDkteGdtZ84AAnDz

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT SQL Injection via mc_project_get_users function GSA_kwCzR0hTQS00OXc5LTgyY2oteHI0OM4AAnCk

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT unauthorized users able to access private files GSA_kwCzR0hTQS14am14LWNwcmgtNjQ2cs4AAmHR

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT HTML Injection vulnerability GSA_kwCzR0hTQS0ycG03LXE4cGMteGh2cc4AAmHW

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XXS where a Custom Field with a crafted Regular Expression property is used GSA_kwCzR0hTQS1xZ3JyLWYyNmotODd2Zs4AAmHM

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS issue on the view_all_bug_page.php GSA_kwCzR0hTQS00cnJjLTV2cDYtbTNmNs4AAlkz

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS when uploading an attachment GSA_kwCzR0hTQS1wNDk1LWpycHEtcDY2Z84AAj85

packagist mantisbt/mantisbt

High

over 3 years ago

MantisBT Remote Code Execution GSA_kwCzR0hTQS12MjNnLXdqdnEtMmZwZs4AAiUI

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows cross-site scripting (XSS) via crafted filename GSA_kwCzR0hTQS1nZzRqLTI3OWotMjJwaM4AAh1B

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT cross-site scripting (XSS) vulnerability through crafted PATH_INFO GSA_kwCzR0hTQS0zcXY3LTk4dm0teHgyds4AAhEl

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS through weak CSP when using Gravatar plugin GSA_kwCzR0hTQS04dng5LWhjdnEtZ2Z2OM4AAb7h

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT vulnerable to CSRF and Open Redirect attacks GSA_kwCzR0hTQS05eDc2LW1wN3ItMnhjNc4AAbU8

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS via my_view_page.php and view_user_page.php GSA_kwCzR0hTQS04cjJtLXFoZmYtam0yY84AAbRV

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT vulnerable to XSS through config_option parameter in adm_config_report.php GSA_kwCzR0hTQS00dzZjLTNoY3gtcmZqNc4AAbOi

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS via adm_config_report.php's action parameter GSA_kwCzR0hTQS12N3FmLTIycnctY2hwaM4AAbOl

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS via move_attachments_page.php GSA_kwCzR0hTQS14NTN2LXY5eHAtZ2Y2Z84AAbOS

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT vulnerable to XSS via unsanitized filter field in manage_user_page.php GSA_kwCzR0hTQS13OTN3LXJ4NTItMjRxaM4AAa0o

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows XSS on the Edit Filter page via crafted filter name GSA_kwCzR0hTQS03NGdoLTVqMzMtdmc0d84AAWQK

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows XSS via View Filters page GSA_kwCzR0hTQS1tanA3LTk3dzQtandoY84AAWPM

packagist mantisbt/mantisbt

Low

over 3 years ago

MantisBT Cross-site Scripting vulnerability GSA_kwCzR0hTQS03NHg3LW1mdmctaDJ3Zs4AAV7B

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows XSS via the Manage Filter page GSA_kwCzR0hTQS1nZ2ptLTdtNWYtN3hqds4AAUpx

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT allows XSS via Edit Filter page GSA_kwCzR0hTQS1nY3F3LTQ1eHEteGM2M84AAUps

packagist mantisbt/mantisbt

High

over 3 years ago

MantisBT allows arbitrary password reset GSA_kwCzR0hTQS0yNTJyLWY1NWYtZmYzNM34ww

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT XSS allows unsanitized input via admin/install.php GSA_kwCzR0hTQS05OHhyLW1tcTUtdmM1aM3rsg

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT vulnerable to XSS via unescaped output in browser_search_plugin.php GSA_kwCzR0hTQS13ZmcyLTJ3bXctNjg5NM3f1g

packagist mantisbt/mantisbt

High

over 3 years ago

MantisBT Insufficient Session Expiration cookie string not reset after logout GSA_kwCzR0hTQS1qbTcyLTY3cm0tNzYzas097Q

packagist mantisbt/mantisbt

High

over 3 years ago

MantisBT CSV Injection unprivileged user access in csv_export.php GSA_kwCzR0hTQS1yZzhmLTVwN3gtbTZ3ds07iw

packagist mantisbt/mantisbt

Moderate

over 3 years ago

MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php GSA_kwCzR0hTQS1ycWdqLXJxZnItNWo2Zs07UQ

packagist mantisbt/mantisbt

Filter by Severity

Moderate 10,341 High 8,173 Critical 3,354 Low 1,496

Filter by Ecosystem

maven 6,869 packagist 5,422 pypi 4,942 npm 4,297 go 2,920 nuget 1,880 cargo 1,086 rubygems 927 actions 37 hex 37 swift 36 pub 10

Filter by Package

Filter by Repository

https://github.com/mantisbt/mantisbt 38 https://github.com/YavuzSahbaz/CVE-2022-28508 1