Cross-Site Request Forgery (CSRF) in alanaktion/phproject

✍️ Description Attacker able to close any issue with CSRF attack. It does not matter at all that your application run in localhost or elsewhere, just it is enough to run on a browser and another low privilege user or attackers know the IP address or hostname of your application. In CSRF attacks it...

CVE-2013-1930

MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues...