Lucene search

GitHub Advisory DatabaseGHSA-99JC-WQMR-FF2Q

HistoryMay 13, 2024 - 2:57 p.m.

MantisBT Vulnerable to Exposure of Sensitive Information to an Unauthorized Actor

2024-05-1314:57:36

CWE-200

GitHub Advisory Database

github.com

mantisbt

vulnerable

unauthorized disclosure

sensitive information

access denied

disclosure

information security

6.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.1%

JSON

If an issue references a note that belongs to another issue that the user doesn’t have access to, then it gets hyperlinked. Clicking on the link gives an access denied error as expected, yet some information remains available via the link, link label, and tooltip.

Impact

Disclosure of the following information:

existence of the note
note author name
note creation timestamp
issue id the note belongs to

Patches

See PR https://github.com/mantisbt/mantisbt/pull/2000

Workarounds

None

References

https://mantisbt.org/bugs/view.php?id=34434

CPENameOperatorVersion
mantisbt/mantisbtlt2.26.2

CPE	Name	Operator	Version
	mantisbt/mantisbt	lt	2.26.2

References

github.com/advisories/GHSA-99jc-wqmr-ff2q

github.com/mantisbt/mantisbt/commit/0a50562369d823689c9b946066d1e49d3c2df226

github.com/mantisbt/mantisbt/pull/2000

github.com/mantisbt/mantisbt/security/advisories/GHSA-99jc-wqmr-ff2q

mantisbt.org/bugs/view.php?id=34434

nvd.nist.gov/vuln/detail/CVE-2024-34080