XSS in Mantisbt

CVE-2026-34463

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior contain a Stored XSS vulnerability. When cloning an issue originating from a Project other than the current one, the clone form (bug_report_page.php)…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (4.5th percentile) — read the EPSS interpretation.