CVE-2006-6515 Information

Description

Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to \reporter\ instead of a more privileged role which has unknown impact and attack vectors possibly related to frequency of reminders.

Reference

http://sourceforge.net/project/shownotes.php?release_id=469627 http://www.mantisbugtracker.com/changelog.php