CVE-2023-22476

Published: Feb 23, 2023Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access to the _Summary_ field of private Issues (i.e. having Private view status, or belonging to a private Project) via a crafted `bug_arr[]` parameter in *bug_actiongroup_ext.php*. This issue is fixed in version 2.25.6. There are no workarounds.

Affected (1)

Products: Mantisbt: Mantisbt

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mantisbt Mantisbt	Before 2.25.6

Related CWEs

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

https://github.com/mantisbt/mantisbt/security/advisories/GHSA-hf4x-6h87-hm79

Source: security-advisories@github.com

Third Party Advisory

https://www.mantisbt.org/bugs/view.php?id=31086

Source: security-advisories@github.com

ExploitIssue TrackingVendor Advisory

https://github.com/mantisbt/mantisbt/security/advisories/GHSA-hf4x-6h87-hm79

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.mantisbt.org/bugs/view.php?id=31086

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingVendor Advisory

Timeline

No history available yet.