6 matches found
Information Exposure
Overview Affected versions of this package are vulnerable to Information Exposure in the Notification API after access revocation. An attacker can obtain unauthorized access to private issue metadata by querying the API after their access has been revoked. Remediation Upgrade...
CVE-2026-58419
Notification API leaks private issue metadata after access revocation...
CVE-2026-58419
Notification API leaks private issue metadata after access revocation...
CVE-2026-58419 Notification API leaks private issue metadata after access revocation
Notification API leaks private issue metadata after access revocation...
PT-2026-55653
Name of the Vulnerable Software and Affected Versions Notification API affected versions not specified Description The Notification API leaks private issue metadata after access has been revoked. Recommendations At the moment, there is no information about a newer version that contains a fix for...
CVE-2026-34970 MantisBT Bugnote Revision Page Leaks Private Issue Metadata After Issue Access Is Revoked
Mantis Bug Tracker MantisBT is an open source issue tracker. Versions 2.28.1 and prior allow a bugnote author to access the note's Revisions page after losing access to the parent private issue. This issue has been fixed in version 2.28.2...