Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.

Name | Vendor | Start Version | End Version |
---|---|---|---|
Mantis | Mantis | 1.0.6 | 1.0.6 |
Mantis | Mantis | 1.0.2 | 1.0.2 |
Mantis | Mantis | 1.0.4 | 1.0.4 |
Mantis | Mantis | 1.0.0_rc3 | 1.0.0_rc3 |
Mantis | Mantis | 1.0.0_rc1 | 1.0.0_rc1 |
Mantis | Mantis | 1.0.0_rc2 | 1.0.0_rc2 |
Mantis | Mantis | 1.0.0 | 1.0.0 |
Mantis | Mantis | 1.0.1 | 1.0.1 |
Mantis | Mantis | 1.0.0_rc4 | 1.0.0_rc4 |
Mantis | Mantis | 1.0.3 | 1.0.3 |
Mantis | Mantis | 1.0.5 | 1.0.5 |
Mantis | Mantis | 1.0.0a3 | 1.0.0a3 |
Mantis | Mantis | 1.0.0a1 | 1.0.0a1 |
Mantis | Mantis | 1.0.0a2 | 1.0.0a2 |
Mantis | Mantis | 1.0.0_rc5 | 1.0.0_rc5 |
Mantis | Mantis | * | 1.1.0a1 |