Mantis prior to 20041016 provides a complete Issue History (Bug History) in the web interface regardless of view_history_threshold, which allows remote malicious users to obtain sensitive information (private bug details) by visiting a bug's web page.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mantis mantis 0.10 |
||
mantis mantis 0.10.1 |
||
mantis mantis 0.14.7 |
||
mantis mantis 0.14.8 |
||
mantis mantis 0.15 |
||
mantis mantis 0.15.1 |
||
mantis mantis 0.17 |
||
mantis mantis 0.17.1 |
||
mantis mantis 0.17.2 |
||
mantis mantis 0.17.3 |
||
mantis mantis 0.18a1 |
||
mantis mantis 0.19 |
||
mantis mantis 0.11 |
||
mantis mantis 0.12 |
||
mantis mantis 0.14.4 |
||
mantis mantis 0.14.6 |
||
mantis mantis 0.15.10 |
||
mantis mantis 0.15.12 |
||
mantis mantis 0.15.8 |
||
mantis mantis 0.16 |
||
mantis mantis 0.17.4a |
||
mantis mantis 0.18 |
||
mantis mantis 0.18.0a4 |
||
mantis mantis 0.18.2 |
||
mantis mantis 0.19.0a2 |
||
mantis mantis 0.9.1 |
||
mantis mantis 0.13 |
||
mantis mantis 0.13.1 |
||
mantis mantis 0.14 |
||
mantis mantis 0.14.1 |
||
mantis mantis 0.14.2 |
||
mantis mantis 0.15.3 |
||
mantis mantis 0.15.4 |
||
mantis mantis 0.15.5 |
||
mantis mantis 0.15.6 |
||
mantis mantis 0.18.0_rc1 |
||
mantis mantis 0.18.0a1 |
||
mantis mantis 0.18.0a2 |
||
mantis mantis 0.18.0a3 |
||
mantis mantis 0.19.0_rc1 |
||
mantis mantis 0.19.0a |
||
mantis mantis 0.10.2 |
||
mantis mantis 0.11.1 |
||
mantis mantis 0.14.3 |
||
mantis mantis 0.14.5 |
||
mantis mantis 0.15.11 |
||
mantis mantis 0.15.2 |
||
mantis mantis 0.15.7 |
||
mantis mantis 0.15.9 |
||
mantis mantis 0.16.1 |
||
mantis mantis 0.17.4 |
||
mantis mantis 0.17.5 |
||
mantis mantis 0.18.1 |
||
mantis mantis 0.18.3 |
||
mantis mantis 0.19.0a1 |
||
mantis mantis 0.9 |
Vulmon