CVE-2026-34754
MEDIUMMantisBT allows unauthorized users to upload attachments to restricted issues via REST API
Title source: cnaDescription
Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2.
References (3)
Core 3
Core References
X_Refsource_Confirm x_refsource_confirm
https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h4x5-gvx6-3rwc
X_Refsource_Misc x_refsource_misc
https://github.com/mantisbt/mantisbt/commit/b262b4d2835b81394d75356dead66e52a6275206
X_Refsource_Misc x_refsource_misc
https://mantisbt.org/bugs/view.php?id=36976
Scores
CVSS v3
4.3
EPSS
0.0025
EPSS Percentile
15.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-284
Status
published
Products (2)
mantisbt/mantisbt
0 - 2.28.2Packagist
mantisbt/mantisbt
< 2.28.2
Published
May 20, 2026
Tracked Since
May 20, 2026