MantisBT: Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
MantisBT allows a bugnote author to access the note's Revisions page after losing access to the parent private issue. Impact: Disclosure of the private Issue's Id and Summary. The bugnote full revision body remains secure. Patches: 71df1f67e05b2050cd4bd87839e6cc13747cf03f. Workarounds: None. Credits...
Incorrect Authorization
Overview: mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Incorrect Authorization through the bug_revision_view_page.php check. An attacker can gain access to potentially confidential information by manipulating the bugnote_id parameter. Remediation: Upgra...