CVE-2023-22476

Summary

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions prior to 2.25.6, due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can access to the Summary field of private Issues (i.e. having Private view status, or belonging to a private Project) via a crafted bug_arr[] parameter in bug_actiongroup_ext.php. This issue is fixed in version 2.25.6. There are no workarounds.

Affected Software

VendorProductVersion RangeStatus
mantisbtmantisbt< 2.25.6affected

Weaknesses

  • CWE-200: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

References