CVE-2018-6526

Published February 2nd, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php.

mantisbt/mantisbt

Mantis Bug Tracker (MantisBT)

GitHub

1.78K