Mantis 0.17.5 and previous versions stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mantis mantis 0.17.5 |