PT-2026-60393 · Packagist · Mantisbt/Mantisbt

CVE-2026-62944

·

Publicado

2026-07-15

·

Atualizado

2026-07-15

CVSS v4.0

8.6

Alta

VetorAV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
A missing output encoding call in print all bug page word.php allows any authenticated user to inject arbitrary HTML into an IMG tag's alt attribute via an image attachment with a crafted filename such as probe." onload="alert(1).
When any user views the HTML export page (print all bug page word.php?type page=html&export=1), the rendered IMG tag becomes <img src="..." alt="" onload="alert(1)" />, breaking out of the alt attribute.

Impact

Cross-site scripting.
Impact is limited by MantisBT's Content Security Policy.

Patches

Workarounds

None

Resources

Credits

MantisBT thanks the Dracosec Research Limited team (Chris Chan, Krecendo Hui, William Lam) for discovering and responsibly reporting the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

CVE-2026-62944
GHSA-H2WF-967X-GXVW

Produtos afetados

Mantisbt/Mantisbt