CVE-2018-6526

view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php.

Published : 2018-02-02 09:29 Updated : 2018-04-08 01:29

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Mantisbt Mantisbt 2.10.0 cpe:/a:mantisbt:mantisbt:2.10.0
  1. Mantisbt (1) Search CVE
    1. Mantisbt (1) Search CVE
      1. 2.10.0

CWE

ID Name Description Links
CWE-200 Information Exposure An information exposure is the intentional or unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information. CVE

History of changes

Date Event
2018-04-08 01:29
2018-02-21 14:18
2018-02-20 19:39
2018-02-04 02:29
2018-02-02 09:29

New CVE