Количество 3
Количество 3
CVE-2025-55155
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their profile to change their e-mail address, the system saves it without validating that it actually belongs to the user. This could result in storing an invalid email address, preventing the user from receiving system notifications. Notifications sent to another person's email address could lead to information disclosure. This issue is fixed in version 2.27.2.
CVE-2025-55155
Mantis Bug Tracker (MantisBT) is an open source issue tracker. In vers ...
GHSA-q747-c74m-69pr
MantisBT lacks verification when changing a user's email address
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-55155 Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their profile to change their e-mail address, the system saves it without validating that it actually belongs to the user. This could result in storing an invalid email address, preventing the user from receiving system notifications. Notifications sent to another person's email address could lead to information disclosure. This issue is fixed in version 2.27.2. | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
| CVE-2025-55155 Mantis Bug Tracker (MantisBT) is an open source issue tracker. In vers ... | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
| GHSA-q747-c74m-69pr MantisBT lacks verification when changing a user's email address | CVSS3: 5.4 | 0% Низкий | 3 месяца назад |
Уязвимостей на страницу