Описание
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| mantis | fixed | 0.17.4a-2 | package |
EPSS
Процентиль: 70%
0.00625
Низкий
Связанные уязвимости
nvd
больше 23 лет назад
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
github
почти 4 года назад
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
EPSS
Процентиль: 70%
0.00625
Низкий