
Mantis Unauthorized Project Bug List Viewing Vulnerability

Mantis is a web-based bug tracking system. It is written in PHP and uses a MySQL database as its back end.

Mantis is prone to an issue which may allow malicious users of the bug tracking system to gain unauthorized access to restricted projects. A user who does not have permissions to view any projects will be able to view bugs from all public and private projects on the 'View Bugs' page.







 

Copyright 2009, SecurityFocus