Mantis Bug Tracker
cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*
- <= 2.28.1
A stored cross-site scripting vulnerability has been identified in Mantis Bug Tracker (MantisBT) versions 2.28.1 and prior. The issue arises when cloning an issue from a different project. The clone form (bug_report_page.php) includes the source project name before the category selector without proper escaping. This flaw allows an attacker with manager or administrator access to inject HTML. The vulnerability has been patched in version 2.28.2.
Exploitation of this vulnerability allows for stored cross-site scripting, where the injected HTML is executed in the context of the user who opens the clone form.
To reproduce this vulnerability, rename a project to include a harmless HTML payload, such as a span element. Then, switch to a different project and open the clone form for an issue in the project with the injected HTML. The source project name will be rendered as HTML, demonstrating the cross-site scripting vulnerability.
Users can update to MantisBT version 2.28.2, where this vulnerability has been fixed.
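The escaping gap described above, shown as an added PHP example. This is not MantisBT's code or its actual patch; the function names, the surrounding markup and the sample project names are assumptions constructed for illustration.

```php
<?php
// Added illustration; not MantisBT source. All function names are hypothetical.

// Before: the stored project name is concatenated into the form as-is,
// so any element in the name is parsed by the browser.
function render_source_project_unescaped(string $name): string {
    return '<span class="source-project">[' . $name . ']</span> ';
}

// After: encode for HTML text context at the point of output.
function render_source_project_escaped(string $name): string {
    $text = htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<span class="source-project">[' . $text . ']</span> ';
}

// Audit helper: flag stored names that contain something shaped like a tag.
function name_contains_markup(string $name): bool {
    return preg_match('/<[a-zA-Z\/!]/', $name) === 1;
}

function check(bool $ok, string $what): void {
    if (!$ok) {
        throw new RuntimeException("check failed: $what");
    }
}

// Constructed sample names; the second carries a harmless span element.
$names = ['R&D Backend', 'Ops <span style="color:red">renamed</span>'];

foreach ($names as $name) {
    $before = render_source_project_unescaped($name);
    $after  = render_source_project_escaped($name);
    // The escaped output must never carry an element taken from the name.
    check(strpos($after, '<span style') === false, 'name stays text');
    $flag = name_contains_markup($name) ? 'FLAG' : 'ok';
    printf("%-5s %s\n      %s\n", $flag, $before, $after);
}
check(!name_contains_markup($names[0]) && name_contains_markup($names[1]), 'audit');
```

The audit helper is useful on instances that cannot upgrade immediately: a project name it flags is one to review before anyone opens a clone form that references it.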