An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the 'm_id' parameter), any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloning it. By checking the 'Copy issue notes' and 'Copy attachments' checkboxes and completing the clone operation, this data also becomes public (except private notes).
References
Link | Resource |
---|---|
https://github.com/mantisbt/mantisbt/commit/1fbcd9bca2f2c77cb61624d36ddee4b3802c38ea | Patch Third Party Advisory |
https://mantisbt.org/bugs/view.php?id=24221 | Issue Tracking Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-06-06T18:17:04
Updated: 2019-06-06T18:17:04
Reserved: 2018-04-07T00:00:00
Link: CVE-2018-9839
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-06-06T19:29:00.297
Modified: 2019-06-09T18:57:15.233
Link: CVE-2018-9839
JSON object: View
Redhat Information
No data.
CWE