CVE-2021-33557

EPSS 0.93% · P76 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-33557

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

MantisBT 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

MantisBT是MantisBT（Mantisbt）团队的一套基于Web的开源缺陷跟踪系统。该系统以Web操作的形式提供项目管理及缺陷跟踪服务。 MantisBT 2.25.2 之前版本存在跨站脚本漏洞，该漏洞源于manage_custom_field_edit_page.php返回参数的未转义输出。攻击者可利用该漏洞将代码注入隐藏的输入字段中。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2021-33557

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-33557

请登录查看更多情报信息。

Security Blog Posts for CVE-2021-33557 (1)

https://mantisbt.org/blog/archives/mantisbt/699x_refsource_CONFIRM

Other References for CVE-2021-33557 (1)

https://mantisbt.org/bugs/view.php?id=28552x_refsource_MISC

https://nvd.nist.gov/vuln/detail/CVE-2021-33557

Same Patch Batch · n/a · 2021-06-17 · 25 CVEs total

CVE-2021-23396	5.6 MEDIUM	Prototype Pollution
CVE-2021-32950		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2021-32948		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2021-32940		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2021-32938		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2021-32936		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2020-36389		CiviCRM 跨站请求伪造漏洞
CVE-2020-36388		CiviCRM 代码问题漏洞
CVE-2021-21777		EIP Stack Group OpENer 缓冲区错误漏洞
CVE-2021-0143		Intel Brand Verification Tool 安全漏洞
CVE-2021-32582		Connectwise ConnectWise Automate SQL注入漏洞
CVE-2021-32946		Open Design Alliance Drawings SDK 代码问题漏洞
CVE-2021-32952		Open Design Alliance Drawings SDK 缓冲区错误漏洞
CVE-2021-34553		Sonatype Nexus Repository Manager 路径遍历漏洞
CVE-2021-32944		Drawings SDK 资源管理错误漏洞
CVE-2021-34825		Quassel 安全漏洞
CVE-2021-32078		Linux kernel 缓冲区错误漏洞
CVE-2020-25414		Monstra 代码注入漏洞
CVE-2013-20002		Wordpress Themify 代码问题漏洞
CVE-2020-19202		IPFire Firewall 跨站脚本漏洞

Showing top 20 of 25 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2021-33557

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-33557

I. Basic Information for CVE-2021-33557

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-33557

III. Intelligence Information for CVE-2021-33557

Security Blog Posts for CVE-2021-33557 (1)

Other References for CVE-2021-33557 (1)

Same Patch Batch · n/a · 2021-06-17 · 25 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-33557

Leave a comment