Количество 4
Количество 4
CVE-2020-25781
An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.
CVE-2020-25781
An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.
CVE-2020-25781
An issue was discovered in file_download.php in MantisBT before 2.24.3 ...
GHSA-xjmx-cprh-646r
MantisBT unauthorized users able to access private files
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-25781 An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly. | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-25781 An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly. | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
| CVE-2020-25781 An issue was discovered in file_download.php in MantisBT before 2.24.3 ... | CVSS3: 4.3 | 0% Низкий | больше 5 лет назад |
| GHSA-xjmx-cprh-646r MantisBT unauthorized users able to access private files | CVSS3: 4.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу