Описание
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
Ссылки
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
- Third Party Advisory
- Mailing ListThird Party Advisory
- Mailing ListThird Party Advisory
- Vendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.13 (исключая)
cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*
Конфигурация 2
Одно из
cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00325
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
CVSS3: 4.3
ubuntu
около 6 лет назад
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
CVSS3: 4.3
debian
около 6 лет назад
An access control issue in MantisBT before 1.2.13 allows users with "R ...
github
почти 4 года назад
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
EPSS
Процентиль: 55%
0.00325
Низкий
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-20