MantisBT Linked Custom Fields
By the Year
In 2024 there have been 0 vulnerabilities in MantisBT Linked Custom Fields . Last year Linked Custom Fields had 1 security vulnerability published. Right now, Linked Custom Fields is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 6.10 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Linked Custom Fields vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent MantisBT Linked Custom Fields Security Vulnerabilities
The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs
CVE-2023-49802
6.1 - Medium
- December 11, 2023
The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT's default Content Security Policy, which blocks script execution.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for MantisBT Linked Custom Fields or by MantisBT? Click the Watch button to subscribe.
