Dregad

**Name of the Vulnerable Software and Affected Versions** MantisBT versions prior to 2.25.3 **Description** An issue was discovered in MantisBT, where improper escaping of a `Plugin name` allows execution of arbitrary code in `manage plugin page.php` and `manage plugin uninstall.php` when a crafted plugin is installed, provided that the Content Security Policy (CSP) allows it. **Recommendations** For versions prior to 2.25.3, update to version 2.25.3 or later to resolve the issue. As a temporary workaround, consider restricting the installation of plugins to trusted sources until a patch is applied.

**Name of the Vulnerable Software and Affected Versions** MantisBT versions prior to 1.3.20 MantisBT versions prior to 2.22.1 **Description** The issue allows for Post Authentication Command Injection, which can lead to Remote Code Execution. **Recommendations** For versions prior to 1.3.20, update to version 1.3.20 or later. For versions prior to 2.22.1, update to version 2.22.1 or later.

**Name of the Vulnerable Software and Affected Versions** MantisBT versions prior to 1.2.13 **Description** An access control issue allows users with "Reporter" permissions to change the status of any issue to "New". **Recommendations** For versions prior to 1.2.13, update to version 1.2.13 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** MantisBT versions 1.2.0rc1 through 1.2.14 **Description** A cross-site scripting issue exists in the configuration report page, allowing remote authenticated users to inject arbitrary web script or HTML via a complex value in the adm config report.php file. **Recommendations** For versions 1.2.0rc1 through 1.2.14, update to version 1.2.14 or later to resolve the issue.