CVE-2026-33548
MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline
CVSS Score
0.0
EPSS Score
0.1%
EPSS Percentile
21st
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline (my_view_page.php) allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has been renamed or deleted. Version 2.28.1 contains a patch. Workarounds include editing offending History entries (using SQL) and wrapping `$this->tag_name` in a string_html_specialchars() call in IssueTagTimelineEvent::html().
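To make the escaping point concrete, the following PHP snippet is an added illustration and not MantisBT's own code: a hypothetical, stripped-down stand-in for the Timeline event class that renders the same tag name once unescaped (the flawed pattern the advisory describes) and once passed through an HTML-escaping helper (the workaround pattern). The helper `string_html_specialchars_standin()` is assumed to behave like PHP's `htmlspecialchars()`; the real MantisBT function is `string_html_specialchars()`, and the class name and sample tag name are constructed for this example.

```php
<?php
// Added illustration, not MantisBT's code. Assumption: the MantisBT helper
// string_html_specialchars() escapes like htmlspecialchars(); this stand-in
// uses htmlspecialchars() directly so the example runs on its own.
function string_html_specialchars_standin( $p_string ) {
    return htmlspecialchars( $p_string, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
}

// Hypothetical minimal counterpart of IssueTagTimelineEvent for demonstration.
class IssueTagTimelineEventDemo {
    public $tag_name;

    public function __construct( $p_tag_name ) {
        // In MantisBT this value comes from a History entry, i.e. from stored data
        // that may describe a tag which has since been renamed or deleted.
        $this->tag_name = $p_tag_name;
    }

    // Flawed pattern: the stored tag name is concatenated into the markup as-is,
    // so any HTML it contains is interpreted by the browser.
    public function html_unescaped() {
        return '<div class="timeline-entry">Tag: ' . $this->tag_name . '</div>';
    }

    // Fixed pattern: the stored tag name is HTML-escaped at output time, so the
    // browser shows it literally regardless of what was stored.
    public function html_escaped() {
        return '<div class="timeline-entry">Tag: '
            . string_html_specialchars_standin( $this->tag_name ) . '</div>';
    }
}

// Constructed sample input: a tag name that happens to contain markup.
$t_event = new IssueTagTimelineEventDemo( '<b>urgent</b>' );

echo "Unescaped: " . $t_event->html_unescaped() . "\n";
echo "Escaped:   " . $t_event->html_escaped() . "\n";
```

Run with `php example.php`: the first line carries the `<b>` element through into the page markup, which is the stored HTML injection the advisory describes, while the second line turns the angle brackets into entities so the same stored value is displayed as text. Escaping at the output boundary, as in `html_escaped()`, is the durable fix; cleaning offending History rows only removes the values already stored.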
| Field | Value |
| --- | --- |
| CWE | CWE-79 |
| Vendor | mantisbt |
| Product | mantisbt |
| Published | Mar 23, 2026 |
| Last Updated | Mar 24, 2026 |
Affected Versions
mantisbt / mantisbt
= 2.28.0