CVE-2018-9839

MEDIUM

MantisBT < 1.3.14 and 2.0.0 - Authenticated Private Issue Data Exposure via Cloning

Title source: llm

Description

An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the 'm_id' parameter), any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloning it. By checking the 'Copy issue notes' and 'Copy attachments' checkboxes and completing the clone operation, this data also becomes public (except private notes).

References (2)

Core 2

Core References

Exploit, Issue Tracking, Third Party Advisory x_refsource_misc

https://mantisbt.org/bugs/view.php?id=24221

Patch, Third Party Advisory x_refsource_confirm

https://github.com/mantisbt/mantisbt/commit/1fbcd9bca2f2c77cb61624d36ddee4b3802c38ea

View Patch ZIP pw:eip

Scores

CVSS v3 6.5

EPSS 0.0124

EPSS Percentile 65.3%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-20

Status published

Products (2)

mantisbt/mantisbt 2.0.0

mantisbt/mantisbt < 1.3.14

Published Jun 06, 2019

Tracked Since Feb 18, 2026