Browse all 35 CVE security advisories affecting mantisbt. AI-powered Chinese analysis, POCs, and references for each vulnerability.
MantisBT serves as an open-source issue tracking system primarily used for bug tracking and project management in software development environments. Historically, it has been susceptible to various vulnerability classes including remote code execution, cross-site scripting (XSS), and privilege escalation, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the 18 recorded CVEs highlight consistent security concerns, particularly in areas like authentication bypass and insecure direct object references. The application's modular architecture and extensive plugin ecosystem introduce additional potential attack surfaces, requiring regular updates and careful configuration to mitigate risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-22476 | MantisBT: Exposure of Private issues' summary to unauthorized users — mantisbtCWE-200 | 4.3 | Medium | 2023-02-23 |
| CVE-2013-1934 | MantisBT 跨站脚本漏洞 — mantisBT | 5.4 | - | 2019-10-31 |
| CVE-2013-1932 | MantisBT 跨站脚本漏洞 — mantisBT | 5.4 | - | 2019-10-31 |
| CVE-2013-1931 | MantisBT 跨站脚本漏洞 — mantisBT | 4.8 | - | 2019-10-31 |
| CVE-2013-1930 | MantisBT 输入验证错误漏洞 — mantisBT | 4.3 | - | 2019-10-31 |
This page lists every published CVE security advisory associated with mantisbt. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.