Cross-Site Scripting Vulnerability in Mantis Bug Tracker 2.28.1 and Below
CVE-2026-40598

6.9 MEDIUM

Key Information:

Vendor

Mantisbt

Status
Vendor
CVE Published:
22 May 2026

What is CVE-2026-40598?

Mantis Bug Tracker, an open-source issue tracking system, has a vulnerability in versions 2.28.1 and earlier: the redirection page does not properly escape the Referer request header, so an attacker can inject HTML through that header. Although modern browsers typically URL-encode special characters in the Referer they send, specific server configurations may introduce caching issues that allow the injected content to be served to other users, facilitating cross-site scripting and potentially compromising security. This vulnerability was addressed in version 2.28.2.
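To make the flaw concrete for defenders, the following added example (not MantisBT code, and not its actual 2.28.2 patch) models a redirect page that reflects the Referer header, first unescaped and then HTML-escaped, with a same-origin check as an additional assumed hardening. The request values are constructed samples.

```python
import html
from urllib.parse import urlsplit

# Constructed sample headers (not captured traffic). A modern browser percent-encodes
# the angle brackets; a non-browser client can send them raw.
BROWSER_REFERER = "https://tracker.example/view.php?id=%3Cscript%3E"
RAW_REFERER = 'https://tracker.example/view.php?id=<script>alert(1)</script>'


def render_redirect_vulnerable(referer: str) -> str:
    """Mimics the weakness described in the advisory: the header value lands in the
    page body and in an attribute without any escaping."""
    return f'<p>Redirecting back to <a href="{referer}">{referer}</a></p>'


def render_redirect_hardened(referer: str) -> str:
    """Assumed mitigation: HTML-escape the value (quote=True also escapes the double
    quote so it cannot break out of the href attribute)."""
    safe = html.escape(referer, quote=True)
    return f'<p>Redirecting back to <a href="{safe}">{safe}</a></p>'


def same_origin_referer(referer: str, expected_host: str) -> bool:
    """Extra assumed hardening: only link back to the tracker's own host, so an
    attacker-supplied Referer is never used as a redirect target at all."""
    parts = urlsplit(referer)
    return parts.scheme in ("http", "https") and parts.hostname == expected_host


def reflects_raw_markup(page: str) -> bool:
    """Simple detection check for a rendered page: does a raw tag survive in the output?"""
    return "<script" in page.lower()
```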

Affected Version(s)

mantisbt < 2.28.2

References

CVSS V4

Score:
6.9
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Requirements:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved
