CVE Vulnerabilities

CVE-2002-1112

Published: Oct 04, 2002 | Modified: Nov 20, 2024
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the View Bugs page.

Affected Software

Name Vendor Start Version End Version
Mantis Mantis 0.15.3 (including) 0.15.3 (including)
Mantis Mantis 0.15.4 (including) 0.15.4 (including)
Mantis Mantis 0.15.5 (including) 0.15.5 (including)
Mantis Mantis 0.15.6 (including) 0.15.6 (including)
Mantis Mantis 0.15.7 (including) 0.15.7 (including)
Mantis Mantis 0.15.8 (including) 0.15.8 (including)
Mantis Mantis 0.15.9 (including) 0.15.9 (including)
Mantis Mantis 0.15.10 (including) 0.15.10 (including)
Mantis Mantis 0.15.11 (including) 0.15.11 (including)
Mantis Mantis 0.15.12 (including) 0.15.12 (including)
Mantis Mantis 0.16.0 (including) 0.16.0 (including)
Mantis Mantis 0.16.1 (including) 0.16.1 (including)
Mantis Mantis 0.17.0 (including) 0.17.0 (including)
Mantis Mantis 0.17.1 (including) 0.17.1 (including)
Mantis Mantis 0.17.2 (including) 0.17.2 (including)
Mantis Mantis 0.17.3 (including) 0.17.3 (including)

References