CVE-2026-34754

Source
https://cve.org/CVERecord?id=CVE-2026-34754
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-34754.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2026-34754
Aliases
Published
2026-05-19T23:05:27.818Z
Modified
2026-07-08T08:12:52.959954807Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N CVSS Calculator
Summary
MantisBT allows unauthorized users to upload attachments to restricted issues via REST API
Details

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.28.1 and prior allow an authenticated user to upload attachments to private Issues they are not authorized to access. This issue has been fixed in version 2.28.2.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2026/34xxx/CVE-2026-34754.json",
    "cna_assigner": "GitHub_M",
    "cwe_ids": [
        "CWE-284"
    ]
}
References

Affected packages

Git / github.com/mantisbt/mantisbt

Affected ranges

Type
GIT
Repo
https://github.com/mantisbt/mantisbt
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "source": [
        "AFFECTED_FIELD",
        "REFERENCES"
    ],
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.28.2"
        }
    ]
}

Affected versions

release-1.*
release-1.2.0a1
release-1.2.0a2
release-1.2.0a3
release-1.2.0rc1
release-1.3.0-beta.1
release-1.3.0-beta.2
release-1.3.0-beta.3
release-1.3.0-rc.1
release-1.3.0-rc.2
release-2.*
release-2.0.0
release-2.0.0-beta.1
release-2.0.0-beta.2
release-2.0.0-beta.3
release-2.0.0-rc.1
release-2.0.0-rc.2
release-2.1.0
release-2.10.0
release-2.11.0
release-2.12.0
release-2.13.0
release-2.14.0
release-2.15.0
release-2.16.0
release-2.17.0
release-2.18.0
release-2.19.0
release-2.2.0
release-2.20.0
release-2.21.0
release-2.22.0
release-2.23.0
release-2.24.0
release-2.25.0
release-2.26.0
release-2.27.0
release-2.28.0
release-2.28.1
release-2.3.0
release-2.4.0
release-2.5.0
release-2.6.0
release-2.7.0
release-2.8.0
release-2.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2026-34754.json"