← Back

CVE-2002-1112

nvd nist
Published: Oct 4, 2002Modified: Apr 16, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.

Affected (16)

Products: Mantis: Mantis
Mantis
1 product
Mantis
Configuration A
16 vulnerable
Vulnerable SoftwareAffected Versions
Mantis
Mantis
Version 0.15.10
Mantis
Version 0.15.11
Mantis
Version 0.15.12
Mantis
Version 0.15.3
Mantis
Version 0.15.4
Mantis
Version 0.15.5
Mantis
Version 0.15.6
Mantis
Version 0.15.7
Mantis
Version 0.15.8
Mantis
Version 0.15.9
Mantis
Version 0.16.0
Mantis
Version 0.16.1
Mantis
Version 0.17.0
Mantis
Version 0.17.1
Mantis
Version 0.17.2
Mantis
Version 0.17.3

References (10)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.