Описание
MantisBT before 1.2.18 does not properly check permissions when sending an email that indicates when a monitored issue is related to another issue, which allows remote authenticated users to obtain sensitive information about restricted issues.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.17 (включая)
cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.0019
Низкий
3.5 Low
CVSS2
Дефекты
CWE-200
Связанные уязвимости
debian
около 11 лет назад
MantisBT before 1.2.18 does not properly check permissions when sendin ...
github
больше 3 лет назад
MantisBT before 1.2.18 does not properly check permissions when sending an email that indicates when a monitored issue is related to another issue, which allows remote authenticated users to obtain sensitive information about restricted issues.
EPSS
Процентиль: 41%
0.0019
Низкий
3.5 Low
CVSS2
Дефекты
CWE-200