CVE-2013-1930
MEDIUMMantisBT 1.2.12-1.2.14 - Authenticated Workflow Bypass
Title source: llmDescription
MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues.
References (8)
Core 8
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2013-1930
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/58890
Third Party Advisory x_refsource_misc
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103438.html
Third Party Advisory x_refsource_misc
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/103459.html
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2013/04/06/4
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/83796
Vendor Advisory x_refsource_misc
https://mantisbt.org/bugs/view.php?id=15453
Scores
CVSS v3
4.3
EPSS
0.0122
EPSS Percentile
65.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-20
Status
published
Products (3)
fedoraproject/fedora
17
fedoraproject/fedora
18
mantisbt/mantisbt
1.2.12 - 1.2.15
Published
Oct 31, 2019
Tracked Since
Feb 18, 2026