{"url":"http://public2.vulnerablecode.io/api/packages/61471?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.24.5","type":"composer","namespace":"mantisbt","name":"mantisbt","version":"2.24.5","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2.28.2","latest_non_vulnerable_version":"2.28.2","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54783?format=json","vulnerability_id":"VCID-1n7b-6pyz-cka5","summary":"Mantis Bug Tracker (MantisBT) allows user account takeover in the signup/reset password process\nInsufficient access control in the registration and password reset process allows an attacker to reset another user's password and takeover their account, if the victim has an incomplete request pending.\n\nThe exploit is only possible while the verification token is valid, i.e for 5 minutes after the confirmation URL sent by e-mail has been opened, and the user did not complete the process by updating their password.\n\nA brute-force attack calling account_update.php with increasing user IDs is possible.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34077","reference_id":"","reference_type":"","scores":[{"value":"0.00225","scoring_system":"epss","scoring_elements":"0.45324","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34077"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/92d11a01b195a1b6717a2f205218089158ea6d00","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:51:24Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/92d11a01b195a1b6717a2f205218089158ea6d00"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=34433","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:51:24Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=34433"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34077","reference_id":"CVE-2024-34077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34077"},{"reference_url":"https://github.com/advisories/GHSA-93x3-m7pw-ppqm","reference_id":"GHSA-93x3-m7pw-ppqm","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-93x3-m7pw-ppqm"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-93x3-m7pw-ppqm","reference_id":"GHSA-93x3-m7pw-ppqm","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T19:51:24Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-93x3-m7pw-ppqm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81243?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.26.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.26.2"}],"aliases":["CVE-2024-34077","GHSA-93x3-m7pw-ppqm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1n7b-6pyz-cka5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/91349?format=json","vulnerability_id":"VCID-843s-1vx7-nueb","summary":"MantisBT is vulnerable to authentication bypass through the SOAP API on MySQL\nMantis Bug Tracker instances running on MySQL and compatible databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of improper type checking on the password parameter.\n\nOther database backends are not affected, as they do not perform implicit type conversion from string to integer.\n\n### Impact\nUsing a crafted SOAP envelope, an attacker knowing the victim's username is able to login to the SOAP API with their account without knowledge of the actual password, and execute any API function they have access to.\n\n### Patches\n* b349e5c890eeda9bd82e7c7e14479853f8a30d9f\n\n### Workarounds\n- [Disabling the SOAP API](https://mantisbt.org/docs/master/en-US/Admin_Guide/html-desktop/#admin.config.api.disable) significantly reduces the risk, but still allows the attacker to retrieve user account information including email address and real name.\n\n### Resources\n- https://mantisbt.org/bugs/view.php?id=36902\n\n### Credits\nMantisBT thanks Alexander Philiotis of SynerComm for discovering and responsibly reporting the issue.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30849","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33855","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-30849"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/b349e5c890eeda9bd82e7c7e14479853f8a30d9f","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-24T18:29:55Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/b349e5c890eeda9bd82e7c7e14479853f8a30d9f"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-phrq-pc6r-f6gh","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-03-24T18:29:55Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-phrq-pc6r-f6gh"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30849","reference_id":"","reference_type":"","scores":[{"value":"9.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30849"},{"reference_url":"https://github.com/advisories/GHSA-phrq-pc6r-f6gh","reference_id":"GHSA-phrq-pc6r-f6gh","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-phrq-pc6r-f6gh"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/113501?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.28.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-tndh-byw2-xbh6"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.28.1"}],"aliases":["CVE-2026-30849","GHSA-phrq-pc6r-f6gh"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-843s-1vx7-nueb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/55908?format=json","vulnerability_id":"VCID-8676-5hmd-s3hm","summary":"MantisBT vulnerable to information disclosure with user profiles\nUsing a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45792","reference_id":"","reference_type":"","scores":[{"value":"0.00663","scoring_system":"epss","scoring_elements":"0.71606","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-45792"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/56bbd02dc1fb33a8de5898fd17dc3d698c847f55","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/56bbd02dc1fb33a8de5898fd17dc3d698c847f55"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:31:35Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=34640","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:31:35Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=34640"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45792","reference_id":"CVE-2024-45792","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-45792"},{"reference_url":"https://github.com/advisories/GHSA-h5q3-fjp4-2x7r","reference_id":"GHSA-h5q3-fjp4-2x7r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h5q3-fjp4-2x7r"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r","reference_id":"GHSA-h5q3-fjp4-2x7r","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:31:35Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/82810?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.26.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.26.4"}],"aliases":["CVE-2024-45792","GHSA-h5q3-fjp4-2x7r"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8676-5hmd-s3hm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48327?format=json","vulnerability_id":"VCID-8wux-1k2d-sbam","summary":"MantisBT lacks verification when changing a user's email address\nWhen a user edits their profile to change their e-mail address, the system saves it without validating that it actually belongs to the user.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55155","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07861","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-55155"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/21e9fbedde8553c29c0d3156e84f78157fc4f22e","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:03:02Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/21e9fbedde8553c29c0d3156e84f78157fc4f22e"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=36005","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:03:02Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=36005"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55155","reference_id":"CVE-2025-55155","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-55155"},{"reference_url":"https://github.com/advisories/GHSA-q747-c74m-69pr","reference_id":"GHSA-q747-c74m-69pr","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q747-c74m-69pr"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-q747-c74m-69pr","reference_id":"GHSA-q747-c74m-69pr","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:03:02Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-q747-c74m-69pr"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71320?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.27.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.27.2"}],"aliases":["CVE-2025-55155","GHSA-q747-c74m-69pr"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wux-1k2d-sbam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48324?format=json","vulnerability_id":"VCID-d3yt-mkwe-33hu","summary":"MantisBT Vulnerable to Denial-of-Service (DoS) via Excessive Note Length\nA lack of server-side validation for note length in MantisBT allows attackers to permanently corrupt issue activity logs by submitting extremely long notes (tested with 4,788,761 characters). Once such a note is added:","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46556","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20074","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-46556"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/c99a41272532ba49b5c8dccb7797afead9864234","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T20:44:31Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/c99a41272532ba49b5c8dccb7797afead9864234"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/d5cec6bffb44d54bd412c186b9baa409b1aa4238","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T20:44:31Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/d5cec6bffb44d54bd412c186b9baa409b1aa4238"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/e9119c68b4a0eaa0bbde3deb121e81f5f7157361","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T20:44:31Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/e9119c68b4a0eaa0bbde3deb121e81f5f7157361"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-46556","reference_id":"CVE-2025-46556","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-46556"},{"reference_url":"https://github.com/advisories/GHSA-r3jf-hm7q-qfw5","reference_id":"GHSA-r3jf-hm7q-qfw5","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-r3jf-hm7q-qfw5"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-r3jf-hm7q-qfw5","reference_id":"GHSA-r3jf-hm7q-qfw5","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-06T20:44:31Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-r3jf-hm7q-qfw5"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71320?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.27.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.27.2"}],"aliases":["CVE-2025-46556","GHSA-r3jf-hm7q-qfw5"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d3yt-mkwe-33hu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47044?format=json","vulnerability_id":"VCID-ed8g-bc8k-dkgq","summary":"Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')\nMantisBT is an open source issue tracker. Prior to version 2.26.1, an unauthenticated attacker who knows a user's email address and username can hijack the user's account by poisoning the link in the password reset notification message. A patch is available in version 2.26.1. As a workaround, define `$g_path` as appropriate in `config_inc.php`.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23830","reference_id":"","reference_type":"","scores":[{"value":"0.01732","scoring_system":"epss","scoring_elements":"0.82832","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-23830"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T16:05:28Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/7055731d09ff12b2781410a372f790172e279744"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=19381","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T16:05:28Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=19381"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23830","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-23830"},{"reference_url":"https://github.com/advisories/GHSA-mcqj-7p29-9528","reference_id":"GHSA-mcqj-7p29-9528","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-mcqj-7p29-9528"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-mcqj-7p29-9528","reference_id":"GHSA-mcqj-7p29-9528","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T16:05:28Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-mcqj-7p29-9528"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/69016?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.26.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.26.1"}],"aliases":["CVE-2024-23830","GHSA-mcqj-7p29-9528"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ed8g-bc8k-dkgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/43277?format=json","vulnerability_id":"VCID-hxaw-gp24-9kfv","summary":"MantisBT vulnerable to XSS via unescaped output in browser_search_plugin.php\nAn XSS issue was discovered in browser_search_plugin.php in MantisBT up to and including 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28508","reference_id":"","reference_type":"","scores":[{"value":"0.07116","scoring_system":"epss","scoring_elements":"0.91687","published_at":"2026-06-04T12:55:00Z"},{"value":"0.22039","scoring_system":"epss","scoring_elements":"0.95892","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-28508"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/YavuzSahbaz/CVE-2022-28508/blob/main/MantisBT%202.25.2%20XSS%20vulnurability","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/YavuzSahbaz/CVE-2022-28508/blob/main/MantisBT%202.25.2%20XSS%20vulnurability"},{"reference_url":"https://mantisbt.org","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org"},{"reference_url":"https://sourceforge.net/projects/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://sourceforge.net/projects/mantisbt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28508","reference_id":"CVE-2022-28508","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-28508"},{"reference_url":"https://github.com/advisories/GHSA-wfg2-2wmw-6894","reference_id":"GHSA-wfg2-2wmw-6894","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wfg2-2wmw-6894"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61382?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.3"}],"aliases":["CVE-2022-28508","GHSA-wfg2-2wmw-6894"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxaw-gp24-9kfv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54776?format=json","vulnerability_id":"VCID-jpyg-rbg3-rybh","summary":"MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor\nIf an issue references a note that belongs to another issue that the user doesn't have access to, then it gets hyperlinked. Clicking on the link gives an access denied error as expected, yet some information remains available via the link, link label, and tooltip.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34080","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52533","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34080"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/0a50562369d823689c9b946066d1e49d3c2df226","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:31:57Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/0a50562369d823689c9b946066d1e49d3c2df226"},{"reference_url":"https://github.com/mantisbt/mantisbt/pull/2000","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:31:57Z/"}],"url":"https://github.com/mantisbt/mantisbt/pull/2000"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=34434","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:31:57Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=34434"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34080","reference_id":"CVE-2024-34080","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34080"},{"reference_url":"https://github.com/advisories/GHSA-99jc-wqmr-ff2q","reference_id":"GHSA-99jc-wqmr-ff2q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-99jc-wqmr-ff2q"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-99jc-wqmr-ff2q","reference_id":"GHSA-99jc-wqmr-ff2q","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:31:57Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-99jc-wqmr-ff2q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81243?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.26.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.26.2"}],"aliases":["CVE-2024-34080","GHSA-99jc-wqmr-ff2q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jpyg-rbg3-rybh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46222?format=json","vulnerability_id":"VCID-jtj9-ccw1-8kd1","summary":"MantisBT may disclose project names to unauthorized users\nDue to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44394","reference_id":"","reference_type":"","scores":[{"value":"0.00491","scoring_system":"epss","scoring_elements":"0.65991","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-44394"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T18:58:41Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=32981","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T18:58:41Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=32981"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44394","reference_id":"CVE-2023-44394","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-44394"},{"reference_url":"https://github.com/advisories/GHSA-v642-mh27-8j6m","reference_id":"GHSA-v642-mh27-8j6m","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-v642-mh27-8j6m"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-v642-mh27-8j6m","reference_id":"GHSA-v642-mh27-8j6m","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-13T18:58:41Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-v642-mh27-8j6m"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/67377?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.8"}],"aliases":["CVE-2023-44394","GHSA-v642-mh27-8j6m"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jtj9-ccw1-8kd1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/54779?format=json","vulnerability_id":"VCID-mubw-sf3f-n3fg","summary":"Mantis Bug Tracker (MantisBT) vulnerable to cross-site scripting\nImproper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when:\n- resolving or closing issues (bug_change_status_page.php) belonging to a project linking said custom field\n- viewing issues (view_all_bug_page.php) when the custom field is displayed as a column\n- printing issues (print_all_bug_page.php) when the custom field is displayed as a column","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34081","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53692","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-34081"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/447a521aae0f82f791b8116a14a20e276df739be","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:02:37Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/447a521aae0f82f791b8116a14a20e276df739be"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=34432","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:02:37Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=34432"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34081","reference_id":"CVE-2024-34081","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2024-34081"},{"reference_url":"https://github.com/advisories/GHSA-wgx7-jp56-65mq","reference_id":"GHSA-wgx7-jp56-65mq","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-wgx7-jp56-65mq"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-wgx7-jp56-65mq","reference_id":"GHSA-wgx7-jp56-65mq","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-12T19:02:37Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-wgx7-jp56-65mq"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/81243?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.26.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.26.2"}],"aliases":["CVE-2024-34081","GHSA-wgx7-jp56-65mq"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mubw-sf3f-n3fg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48325?format=json","vulnerability_id":"VCID-n3nu-aawj-s7af","summary":"MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling\nDue to an incorrect use of loose (`==`) instead of strict (`===`) comparison in the [authentication code][1], PHP type juggling will cause interpretation of certain MD5 hashes as numbers, specifically those matching scientific notation.\n\n[1]: https://github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php#L782","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47776","reference_id":"","reference_type":"","scores":[{"value":"0.00098","scoring_system":"epss","scoring_elements":"0.2698","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-47776"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php#L782","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php#L782"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/966554a19cf1bdbcfbfb3004766979faa748f9a2","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-04T20:41:52Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/966554a19cf1bdbcfbfb3004766979faa748f9a2"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=35967","reference_id":"","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=35967"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47776","reference_id":"CVE-2025-47776","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-47776"},{"reference_url":"https://github.com/advisories/GHSA-4v8w-gg5j-ph37","reference_id":"GHSA-4v8w-gg5j-ph37","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4v8w-gg5j-ph37"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-4v8w-gg5j-ph37","reference_id":"GHSA-4v8w-gg5j-ph37","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"8.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-04T20:41:52Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-4v8w-gg5j-ph37"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71320?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.27.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.27.2"}],"aliases":["CVE-2025-47776","GHSA-4v8w-gg5j-ph37"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3nu-aawj-s7af"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110953?format=json","vulnerability_id":"VCID-stgp-f24d-qqdp","summary":"MantisBT XSS in manage_custom_field_update.php\nAn issue was discovered in MantisBT through 2.24.3. In the helper_ensure_confirmed call in manage_custom_field_update.php, the custom field name is not sanitized. This may be problematic depending on CSP settings.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35571","reference_id":"","reference_type":"","scores":[{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52244","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00285","scoring_system":"epss","scoring_elements":"0.52304","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-35571"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/100c3d58c3f6f12b7a6cf97fba473ede521f20db","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/100c3d58c3f6f12b7a6cf97fba473ede521f20db"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=27768","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=27768"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35571","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2020-35571"},{"reference_url":"https://github.com/advisories/GHSA-cvrm-cr3m-qj92","reference_id":"GHSA-cvrm-cr3m-qj92","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-cvrm-cr3m-qj92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/150413?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-hxaw-gp24-9kfv"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-uyk7-6syy-m7c3"},{"vulnerability":"VCID-uzm1-jgsr-ufeg"},{"vulnerability":"VCID-y7ms-qz8n-3ugn"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.0"}],"aliases":["CVE-2020-35571","GHSA-cvrm-cr3m-qj92"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-stgp-f24d-qqdp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/110568?format=json","vulnerability_id":"VCID-uk44-j13d-43ce","summary":"MantisBT XSS through crafted SVG documents in file_download.php\nAn XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33910","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48673","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48734","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-33910"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/266762193fc6c09ffc6b14f5a34c86eae3ebee20","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/266762193fc6c09ffc6b14f5a34c86eae3ebee20"},{"reference_url":"https://mantisbt.org/blog/archives/mantisbt/719","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/blog/archives/mantisbt/719"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=29135","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=29135"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=30384","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=30384"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33910","reference_id":"","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33910"},{"reference_url":"https://github.com/advisories/GHSA-qghg-v7xv-q98q","reference_id":"GHSA-qghg-v7xv-q98q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-qghg-v7xv-q98q"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64053?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.5"}],"aliases":["CVE-2022-33910","GHSA-qghg-v7xv-q98q"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uk44-j13d-43ce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42922?format=json","vulnerability_id":"VCID-uyk7-6syy-m7c3","summary":"MantisBT CSV Injection unprivileged user access in csv_export.php\nLack of Neutralization of Formula Elements in the CSV API of MantisBT before 2.25.3 allows an unprivileged attacker to execute code or gain access to information when a user opens the csv_export.php generated CSV file in Excel.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43257","reference_id":"","reference_type":"","scores":[{"value":"0.00724","scoring_system":"epss","scoring_elements":"0.72964","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00724","scoring_system":"epss","scoring_elements":"0.72927","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-43257"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/7f4534c723e3162b8784aebda4836324041dbc3e","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/7f4534c723e3162b8784aebda4836324041dbc3e"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/99eb8d41cbacc703f88807898dcc9ac55eec0f15","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/99eb8d41cbacc703f88807898dcc9ac55eec0f15"},{"reference_url":"https://www.mantisbt.org/bugs/view.php?id=29130","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.mantisbt.org/bugs/view.php?id=29130"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43257","reference_id":"CVE-2021-43257","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-43257"},{"reference_url":"https://github.com/advisories/GHSA-rg8f-5p7x-m6wv","reference_id":"GHSA-rg8f-5p7x-m6wv","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rg8f-5p7x-m6wv"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61382?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.3"}],"aliases":["CVE-2021-43257","GHSA-rg8f-5p7x-m6wv"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uyk7-6syy-m7c3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42919?format=json","vulnerability_id":"VCID-uzm1-jgsr-ufeg","summary":"MantisBT vulnerable to XSS due to improper escape in manage_plugin_page.php and manage_plugin_uninstall.php\nAn XSS issue was discovered in MantisBT before 2.25.3. Improper escaping of a Plugin name allows execution of arbitrary code (if CSP allows it) in manage_plugin_page.php and manage_plugin_uninstall.php when a crafted plugin is installed.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26144","reference_id":"","reference_type":"","scores":[{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.67249","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00522","scoring_system":"epss","scoring_elements":"0.6729","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-26144"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/a7751c3e318011ca1314bc1cfea200d53e0dfff6","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/a7751c3e318011ca1314bc1cfea200d53e0dfff6"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=29688","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=29688"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26144","reference_id":"CVE-2022-26144","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-26144"},{"reference_url":"https://github.com/advisories/GHSA-rqgj-rqfr-5j6f","reference_id":"GHSA-rqgj-rqfr-5j6f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rqgj-rqfr-5j6f"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61382?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.3"}],"aliases":["CVE-2022-26144","GHSA-rqgj-rqfr-5j6f"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uzm1-jgsr-ufeg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/111224?format=json","vulnerability_id":"VCID-y7ms-qz8n-3ugn","summary":"MantisBT allows XSS in manage_custom_field_edit_page.php\nAn XSS issue was discovered in manage_custom_field_edit_page.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33557","reference_id":"","reference_type":"","scores":[{"value":"0.0093","scoring_system":"epss","scoring_elements":"0.76475","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0093","scoring_system":"epss","scoring_elements":"0.76504","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-33557"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/03dd37221e636f8959b8cb9fbad84f38f9582356","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/03dd37221e636f8959b8cb9fbad84f38f9582356"},{"reference_url":"https://mantisbt.org/blog/archives/mantisbt/699","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/blog/archives/mantisbt/699"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=28552","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=28552"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33557","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-33557"},{"reference_url":"https://github.com/advisories/GHSA-52cx-vphc-jmjm","reference_id":"GHSA-52cx-vphc-jmjm","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-52cx-vphc-jmjm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61979?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-hxaw-gp24-9kfv"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-uyk7-6syy-m7c3"},{"vulnerability":"VCID-uzm1-jgsr-ufeg"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.2"}],"aliases":["CVE-2021-33557","GHSA-52cx-vphc-jmjm"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y7ms-qz8n-3ugn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/44522?format=json","vulnerability_id":"VCID-ybzq-wt16-3bc2","summary":"MantisBT may expose private issues' summaries to unauthorized users\nMantis Bug Tracker (MantisBT) is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access to the _Summary_ field of private Issues (i.e. having Private view status, or belonging to a private Project) via a crafted `bug_arr[]` parameter in *bug_actiongroup_ext.php*. This issue is fixed in version 2.25.6. There are no workarounds.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22476","reference_id":"","reference_type":"","scores":[{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42019","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00201","scoring_system":"epss","scoring_elements":"0.42093","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-22476"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=31086","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=31086"},{"reference_url":"https://github.com/advisories/GHSA-hf4x-6h87-hm79","reference_id":"GHSA-hf4x-6h87-hm79","reference_type":"","scores":[],"url":"https://github.com/advisories/GHSA-hf4x-6h87-hm79"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-hf4x-6h87-hm79","reference_id":"GHSA-hf4x-6h87-hm79","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:04Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-hf4x-6h87-hm79"},{"reference_url":"https://www.mantisbt.org/bugs/view.php?id=31086","reference_id":"view.php?id=31086","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-10T21:00:04Z/"}],"url":"https://www.mantisbt.org/bugs/view.php?id=31086"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/64054?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.25.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.25.6"}],"aliases":["CVE-2023-22476","GHSA-hf4x-6h87-hm79"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ybzq-wt16-3bc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48326?format=json","vulnerability_id":"VCID-yhf6-qthy-nqb2","summary":"MantisBT unauthorized disclosure of private project column configuration\nDue to insufficient access-level checks, any non-admin user having access to _manage_config_columns_page.php_ (typically project managers having MANAGER role) can use the _Copy From_ action to retrieve the columns configuration from a private project they have no access to.\n\nAccess to the reverse operation (_Copy To_) is correctly controlled, i.e. it is not possible to alter the private project's configuration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62520","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14158","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62520"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/4fe94f45fa2baea2aeb4b65781d2009e7b4a0bf3","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:44:26Z/"}],"url":"https://github.com/mantisbt/mantisbt/commit/4fe94f45fa2baea2aeb4b65781d2009e7b4a0bf3"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=36502","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:44:26Z/"}],"url":"https://mantisbt.org/bugs/view.php?id=36502"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62520","reference_id":"CVE-2025-62520","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-62520"},{"reference_url":"https://github.com/advisories/GHSA-g582-8vwr-68h2","reference_id":"GHSA-g582-8vwr-68h2","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g582-8vwr-68h2"},{"reference_url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-g582-8vwr-68h2","reference_id":"GHSA-g582-8vwr-68h2","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-04T21:44:26Z/"}],"url":"https://github.com/mantisbt/mantisbt/security/advisories/GHSA-g582-8vwr-68h2"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/71320?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.27.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-843s-1vx7-nueb"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.27.2"}],"aliases":["CVE-2025-62520","GHSA-g582-8vwr-68h2"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yhf6-qthy-nqb2"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42958?format=json","vulnerability_id":"VCID-kh1w-q4tc-6yhd","summary":"MantisBT Insufficient Session Expiration cookie string not reset after logout\nAn issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a user's cookie to login as them.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2009-20001","reference_id":"","reference_type":"","scores":[{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34153","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00142","scoring_system":"epss","scoring_elements":"0.34053","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2009-20001"},{"reference_url":"https://github.com/mantisbt/mantisbt","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt"},{"reference_url":"https://github.com/mantisbt/mantisbt/commit/79a78c09d5ef5ce098adc73f6f1416f00fc238a5","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/mantisbt/mantisbt/commit/79a78c09d5ef5ce098adc73f6f1416f00fc238a5"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=11296","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=11296"},{"reference_url":"https://mantisbt.org/bugs/view.php?id=27976","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://mantisbt.org/bugs/view.php?id=27976"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2009-20001","reference_id":"CVE-2009-20001","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2009-20001"},{"reference_url":"https://github.com/advisories/GHSA-jm72-67rm-763j","reference_id":"GHSA-jm72-67rm-763j","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-jm72-67rm-763j"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/61471?format=json","purl":"pkg:composer/mantisbt/mantisbt@2.24.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1n7b-6pyz-cka5"},{"vulnerability":"VCID-843s-1vx7-nueb"},{"vulnerability":"VCID-8676-5hmd-s3hm"},{"vulnerability":"VCID-8wux-1k2d-sbam"},{"vulnerability":"VCID-d3yt-mkwe-33hu"},{"vulnerability":"VCID-ed8g-bc8k-dkgq"},{"vulnerability":"VCID-hxaw-gp24-9kfv"},{"vulnerability":"VCID-jpyg-rbg3-rybh"},{"vulnerability":"VCID-jtj9-ccw1-8kd1"},{"vulnerability":"VCID-mubw-sf3f-n3fg"},{"vulnerability":"VCID-n3nu-aawj-s7af"},{"vulnerability":"VCID-stgp-f24d-qqdp"},{"vulnerability":"VCID-uk44-j13d-43ce"},{"vulnerability":"VCID-uyk7-6syy-m7c3"},{"vulnerability":"VCID-uzm1-jgsr-ufeg"},{"vulnerability":"VCID-y7ms-qz8n-3ugn"},{"vulnerability":"VCID-ybzq-wt16-3bc2"},{"vulnerability":"VCID-yhf6-qthy-nqb2"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.24.5"}],"aliases":["CVE-2009-20001","GHSA-jm72-67rm-763j"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kh1w-q4tc-6yhd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:composer/mantisbt/mantisbt@2.24.5"}