Exposure of MantisBT
Issue trackers17
exposure score
6
sites use
0
exploited
1
critical
CVEs
35 resultsCVE-2026-34744MEDIUMMantisBT authorization bypass allows continued access to self-uploaded attachments on private issuesEPSS 0.4%CVE-2026-44657HIGHMantisBT: Stored XSS in File DownloadEPSS 0.3%CVE-2025-46556MEDIUMMantisBT is Vulnerable to Denial-of-Service (DoS) attack via Excessive Note LengthEPSS 0.3%CVE-2026-33052MEDIUMMantisBT: Authorization Bypass in Global Profile CreationEPSS 0.3%CVE-2025-47776HIGHMantisBT: Authentication bypass for some passwords due to PHP type jugglingEPSS 0.3%CVE-2026-44655HIGHMantisBT: Stored XSS on Move Attachments Admin PageEPSS 0.3%CVE-2026-41897MEDIUMMantisBT: Reflected XSS in Rendering Dynamic Custom Textarea FieldEPSS 0.3%CVE-2026-42071HIGHMantisBT: Private Bugnote Attachment Content Leak via REST APIEPSS 0.3%CVE-2026-42070MEDIUMMantisBT: Authorization Bypass in Bugnote Editing via Issue Update APIEPSS 0.3%CVE-2026-34754MEDIUMMantisBT allows unauthorized users to upload attachments to restricted issues via REST APIEPSS 0.2%CVE-2026-33517HIGHMantisBT Vulnerable to Stored HTML Injection in Tag Delete ConfirmationEPSS 0.2%CVE-2026-39960MEDIUMMantisBT is Vulnerable to Stored XSS through Custom Field Textarea ValuesEPSS 0.2%CVE-2025-62520MEDIUMMantisBT unauthorized disclosure of private project column configurationEPSS 0.2%CVE-2026-33548HIGHMantisBT has Stored HTML Injection / XSS when displaying Tags in TimelineEPSS 0.2%CVE-2025-55155MEDIUMMantisBT: Authentication bypass for some passwords due to PHP type jugglingEPSS 0.1%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →