Description
An issue was discovered in MantisBT before 2.24.5. MantisBT associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who has somehow gained access to a user's cookie to log in as that user.
References (2)
Exploit, Issue Tracking, Vendor Advisory x_refsource_misc
https://mantisbt.org/bugs/view.php?id=27976
Issue Tracking, Vendor Advisory x_refsource_misc
https://mantisbt.org/bugs/view.php?id=11296
Scores
CVSS v3
8.1
EPSS
0.0090
EPSS Percentile
54.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Details
CWE
CWE-613
Status
published
Products (2)
mantisbt/mantisbt
< 2.24.5
mantisbt/mantisbt
0 - 2.24.5 (Packagist)
Published
Mar 07, 2021
Tracked Since
Feb 18, 2026