| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-33548 | MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline | mantisbt | mantisbt | 中危 | - | 2026-03-23 19:15:19 | Deep Dive |
| CVE-2026-33517 | MantisBT Vulnerable to Stored HTML Injection in Tag Delete Confirmation | mantisbt | mantisbt | 中危 | - | 2026-03-23 19:13:15 | Deep Dive |
| CVE-2026-30849 | MantisBT SOAP API has an authentication bypass vulnerability on MySQL | mantisbt | mantisbt | 中危 | - | 2026-03-23 19:10:34 | Deep Dive |
| CVE-2025-62520 | MantisBT unauthorized disclosure of private project column configuration | mantisbt | mantisbt | - | - | 2025-11-04 21:31:13 | Deep Dive |
| CVE-2025-55155 | MantisBT: Authentication bypass for some passwords due to PHP type juggling | mantisbt | mantisbt | Medium | 5.4 | 2025-11-04 20:48:03 | Deep Dive |
| CVE-2025-47776 | MantisBT: Authentication bypass for some passwords due to PHP type juggling | mantisbt | mantisbt | - | - | 2025-11-04 20:31:02 | Deep Dive |
| CVE-2025-46556 | MantisBT is Vulnerable to Denial-of-Service (DoS) attack via Excessive Note Length | mantisbt | mantisbt | Medium | 6.5 | 2025-11-04 00:20:28 | Deep Dive |
| CVE-2024-45792 | MantisBT vulnerable to information disclosure with user profiles | mantisbt | mantisbt | 中危 | - | 2024-09-30 14:40:26 | Deep Dive |
| CVE-2024-34081 | MantisBT Cross-site Scripting vulnerability | mantisbt | mantisbt | Medium | 6.6 | 2024-05-13 15:40:54 | Deep Dive |
| CVE-2024-34080 | MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor | mantisbt | mantisbt | Medium | 5.3 | 2024-05-13 15:35:00 | Deep Dive |
| CVE-2024-34077 | MantisBT user account takeover in the signup/reset password process | mantisbt | mantisbt | High | 7.3 | 2024-05-13 15:30:32 | Deep Dive |
| CVE-2024-23830 | MantisBT Host Header Injection vulnerability | mantisbt | mantisbt | High | 8.3 | 2024-02-20 21:44:28 | Deep Dive |
| CVE-2023-49802 | MantisBT LinkedCustomFields Cross-site Scripting vulnerability | mantisbt-plugins | LinkedCustomFields | Medium | 6.7 | 2023-12-11 21:11:53 | Deep Dive |
| CVE-2023-44394 | Disclosure of project names to unauthorized users in MantisBT | mantisbt | mantisbt | Medium | 4.3 | 2023-10-16 21:00:46 | Deep Dive |
| CVE-2023-22476 | MantisBT: Exposure of Private issues' summary to unauthorized users | mantisbt | mantisbt | Medium | 4.3 | 2023-02-23 19:00:03 | Deep Dive |
| CVE-2013-1934 | MantisBT 跨站脚本漏洞 | mantisBT | mantisBT | 中危 | - | 2019-10-31 19:05:16 | Deep Dive |
| CVE-2013-1932 | MantisBT 跨站脚本漏洞 | mantisBT | mantisBT | 中危 | - | 2019-10-31 19:05:12 | Deep Dive |
| CVE-2013-1931 | MantisBT 跨站脚本漏洞 | mantisBT | mantisBT | 中危 | - | 2019-10-31 19:05:05 | Deep Dive |
| CVE-2013-1930 | MantisBT 输入验证错误漏洞 | mantisBT | mantisBT | 中危 | - | 2019-10-31 19:05:01 | Deep Dive |