Description
An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the 'm_id' parameter), any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloning it. By checking the 'Copy issue notes' and 'Copy attachments' checkboxes and completing the clone operation, this data also becomes public (except private notes).
References (2)
Core 2
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://mantisbt.org/bugs/view.php?id=24221
Patch, Third Party Advisory x_refsource_confirm
https://github.com/mantisbt/mantisbt/commit/1fbcd9bca2f2c77cb61624d36ddee4b3802c38ea
Scores
CVSS v3
6.5
EPSS
0.0023
EPSS Percentile
45.5%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-20
Status
published
Products (2)
mantisbt/mantisbt
2.0.0
mantisbt/mantisbt
< 1.3.14
Published
Jun 06, 2019
Tracked Since
Feb 18, 2026