Description

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family databases are affected by an authentication bypass vulnerability in the SOAP API, as a result of an improper type checking on the password parameter. Other database backends are not affected, as they do not perform implicit type conversion from string to integer. Using a crafted SOAP envelope, an attacker knowing the victim's username is able to login to the SOAP API with their account without knowledge of the actual password, and execute any API function they have access to. Version 2.28.1 contains a patch. Disabling the SOAP API significantly reduces the risk, but still allows the attacker to retrieve user account information including email address and real name.

INFO

Published Date :

2026-03-23T19:10:34.345Z

Last Modified :

2026-03-24T18:30:05.202Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-30849 vulnerability.

Vendors Products
Mantisbt
  • Mantisbt
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-30849.

URL Resource
https://github.com/mantisbt/mantisbt/commit/b349e5c890eeda9bd82e7c7e14479853f8a30d9f cve-icon cve-icon
https://github.com/mantisbt/mantisbt/security/advisories/GHSA-phrq-pc6r-f6gh cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact