MantisBT 2.22.1 and 1.3.20 released

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X and retweet to spread the word!

MantisBT 2.22.1

Security release for 2.22.x series. All installations are strongly advised to upgrade as soon as possible.

  • 0026091: [security] CVE-2019-15715: [Admin Required – Post Authentication] Command Execution / Injection Vulnerability (atrol)
  • 0026110: [administration] [Show content] for Complex Configuration option doesn’t work when mod_rewrite is disabled (dregad)
  • 0026160: [security] Update bundled Bootstrap to 3.4.1 (CVE-2019-8331) (dregad)
  • 0026168: [security] Enable integrity hashes for CSS ressources from CDNs (dregad)

MantisBT 1.3.20

Security release for 1.3.x series. All installations are strongly advised to upgrade as soon as possible.

  • 0026162: [security] CVE-2019-15715: Command Execution / Injection Vulnerability (dregad)

In order to stay up to date with the latest MantisBT news, please star our GitHub repository, join our Gitter channel, or follow us on X and retweet to spread the word!

Go ahead and download the release from our website.