CVE-2026-33517

High CVSS: 8.6

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, when deleting a Tag (tag_delete.php), improper escaping of its name when displaying the confirmation message allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript. Version 2.28.1 fixes the issue. Workarounds include reverting commit d6890320752ecf37bd74d11fe14fe7dc12335be9 and/or manually editing language files to remove the sprintf placeholder `%1$s` from `$s_tag_delete_message` string.

Vendor

Mantisbt

Product

Mantisbt

CWE

CWE-79

Yayın Tarihi

2026-03-23 20:16:27

Güncelleme

2026-03-25 13:58:07

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-79 Mantisbt HIGH Mantisbt 2026

Referanslar

https://github.com/mantisbt/mantisbt/commit/80990f43153167c73f11eb4b2bc7108d0c3d6b46 https://github.com/mantisbt/mantisbt/commit/d6890320752ecf37bd74d11fe14fe7dc12335be9 https://github.com/mantisbt/mantisbt/security/advisories/GHSA-fh48-f69w-7vmp

Benzer Kayıtlar

High

CVE-2026-33548

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retriev…

Critical

CVE-2026-30849

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family database…

Medium

CVE-2025-62520

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-…

Medium

CVE-2025-55155

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their pro…

High

CVE-2025-47776

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Due to incorrect use of loose (==) instead of strict (===…

Medium

CVE-2025-46556

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently…