Lucene search

K
cvelistRedhatCVELIST:CVE-2012-1122
HistoryJun 29, 2012 - 7:00 p.m.

CVE-2012-1122

2012-06-2919:00:00
redhat
www.cve.org

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%

bug_actiongroup.php in MantisBT before 1.2.9 does not properly check the report_bug_threshold permission of the receiving project when moving a bug report, which allows remote authenticated users with the report_bug_threshold and move_bug_threshold privileges for a project to bypass intended access restrictions and move bug reports to a different project.

6 Medium

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.6%