Total vulnerabilities in the database
print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
| Software | From | Fixed in |
|---|---|---|
| mantis / mantis | 0.17.0 | 0.17.0.x |
| mantis / mantis | 0.16.1 | 0.16.1.x |
| mantis / mantis | 0.17.2 | 0.17.2.x |
| mantis / mantis | 0.17.3 | 0.17.3.x |
| mantis / mantis | 0.17.1 | 0.17.1.x |
| mantis / mantis | 0.16.0 | 0.16.0.x |