CVE-2018-9839 Information

Description

An issue was discovered in MantisBT through 1.3.14, and 2.0.0. Using a crafted request on bug_report_page.php (modifying the 'm_id' parameter), any user with REPORTER access or above is able to view any private issue's details (summary, description, steps to reproduce, additional information) when cloning it. By checking the 'Copy issue notes' and 'Copy attachments' checkboxes and completing the clone operation, this data also becomes public (except private notes).

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

https://github.com/mantisbt/mantisbt/commit/1fbcd9bca2f2c77cb61624d36ddee4b3802c38ea
https://mantisbt.org/bugs/view.php?id=24221

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

Base Score

6.5

Base Severity

MEDIUM
