VULHUB ™

Mantis is affected by a vulnerability that may allow unauthorized access to files. A logged in user is able to download Mantis-related files from a site hosting the affected application. This vulnerability has the potential to expose sensitive information maintained on the site, such as private bug reports. The vendor has released little information on this vulnerability other than to state it has been corrected in Mantis 0.18.3.

Mantis is affected by a vulnerability that may allow unauthorized access to files. A logged in user is able to download Mantis-related files from a site hosting the affected application. This vulnerability has the potential to expose sensitive information maintained on the site, such as private bug reports. The vendor has released little information on this vulnerability other than to state it has been corrected in Mantis 0.18.3.