CVE-2008-2276

Matisbt Mantis - CSRF

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in manage_user_create.php in Mantis 1.1.1 allows remote attackers to create new administrative users via a crafted link.

Exploits (1)

exploitdb WRITEUP VERIFIED
by USH · textwebappsphp
https://www.exploit-db.com/exploits/5657

References (12)

Scores

EPSS 0.0194
EPSS Percentile 83.2%

Classification

CWE
CWE-352
Status draft

Affected Products (1)

matisbt/mantis

Timeline

Published May 16, 2008
Tracked Since Feb 18, 2026