CVE-2013-1930

MEDIUM

MantisBT 1.2.12-1.2.14 - Authenticated Workflow Bypass

Title source: llm
STIX 2.1

Description

MantisBT 1.2.12 before 1.2.15 allows authenticated users to by the workflow restriction and close issues.

References (8)

Core 8
Core References
Third Party Advisory x_refsource_misc
https://security-tracker.debian.org/tracker/CVE-2013-1930
Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-1930
Third Party Advisory, VDB Entry x_refsource_misc
http://www.securityfocus.com/bid/58890
Mailing List, Third Party Advisory x_refsource_misc
http://www.openwall.com/lists/oss-security/2013/04/06/4
Third Party Advisory, VDB Entry x_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/83796
Vendor Advisory x_refsource_misc
https://mantisbt.org/bugs/view.php?id=15453

Scores

CVSS v3 4.3
EPSS 0.0122
EPSS Percentile 65.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-20
Status published
Products (3)
fedoraproject/fedora 17
fedoraproject/fedora 18
mantisbt/mantisbt 1.2.12 - 1.2.15
Published Oct 31, 2019
Tracked Since Feb 18, 2026