CVE Vulnerabilities

CVE-2002-1112

Published: Oct 04, 2002 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the View Bugs page.

Affected Software

Name Vendor Start Version End Version
Mantis Mantis 0.15.12 0.15.12
Mantis Mantis 0.15.3 0.15.3
Mantis Mantis 0.15.9 0.15.9
Mantis Mantis 0.17.0 0.17.0
Mantis Mantis 0.15.10 0.15.10
Mantis Mantis 0.16.1 0.16.1
Mantis Mantis 0.15.4 0.15.4
Mantis Mantis 0.15.11 0.15.11
Mantis Mantis 0.17.2 0.17.2
Mantis Mantis 0.15.7 0.15.7
Mantis Mantis 0.17.3 0.17.3
Mantis Mantis 0.17.1 0.17.1
Mantis Mantis 0.15.5 0.15.5
Mantis Mantis 0.16.0 0.16.0
Mantis Mantis 0.15.8 0.15.8
Mantis Mantis 0.15.6 0.15.6

References