CVE-2002-1111

print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mantis:mantis:0.16.0:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.16.1:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.17.0:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.17.1:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.17.2:*:*:*:*:*:*:*
cpe:2.3:a:mantis:mantis:0.17.3:*:*:*:*:*:*:*

Information

Published : 2002-10-03 21:00

Updated : 2017-10-09 18:30


NVD link : CVE-2002-1111

Mitre link : CVE-2002-1111


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

mantis

  • mantis