An open API service providing security vulnerability metadata for many open source software ecosystems.

GSA_kwCzR0hTQS12NjQyLW1oMjctOGo2bc4AA2gW

Severity: Moderate. EPSS: 0.00366% (0.58082 percentile)

MantisBT may disclose project names to unauthorized users

Affected package: packagist:mantisbt/mantisbt
Affected versions: <= 2.25.7
Fixed version: 2.25.8
Dependent packages: 5
Dependent repositories: 4
Downloads total: 37

Affected Version Ranges

All affected versions

2.3.0, 2.3.1, 2.3.2, 2.3.3, 2.4.0, 2.4.1, 2.4.2, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.7.0, 2.7.1, 2.8.0, 2.8.1, 2.9.0, 2.9.1, 2.10.0, 2.10.1, 2.11.0, 2.11.1, 2.12.0, 2.12.1, 2.12.2, 2.13.0, 2.13.1, 2.13.2, 2.14.0, 2.15.0, 2.15.1, 2.16.0, 2.16.1, 2.17.0, 2.17.1, 2.17.2, 2.18.0, 2.18.1, 2.19.0, 2.19.1, 2.20.0, 2.20.1, 2.21.0, 2.21.1, 2.21.2, 2.21.3, 2.22.0, 2.22.1, 2.22.2, 2.23.0, 2.23.1, 2.24.0, 2.24.1, 2.24.2, 2.24.3, 2.24.4, 2.24.5, 2.25.0, 2.25.1, 2.25.2, 2.25.3, 2.25.4, 2.25.5, 2.25.6, 2.25.7

All unaffected versions

2.25.8, 2.26.0, 2.26.1, 2.26.2, 2.26.3, 2.26.4, 2.27.0, 2.27.1, 2.27.2, 2.27.3

Impact

Due to insufficient access-level checks on the wiki redirection page, any user can reveal the names of private projects by requesting wiki.php with sequentially incremented IDs.
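Because the advisory describes the issue as a sequential ID walk against wiki.php, one defensive check is to look for exactly that pattern in web server access logs. The following Python is an added example, not part of the advisory or of MantisBT; it assumes Apache/nginx combined-format access logs and that the project ID is passed as the `id` query parameter of wiki.php (the log lines are constructed).

```python
import re
from collections import defaultdict

# Constructed combined-format access log sample (not from a real server).
# wiki.php is a redirection page, hence the 302 responses.
SAMPLE_LOG = """\
10.0.0.5 - alice [12/Mar/2023:10:00:01 +0000] "GET /mantis/view.php?id=12 HTTP/1.1" 200 5123
10.0.0.9 - - [12/Mar/2023:10:00:02 +0000] "GET /mantis/wiki.php?type=project&id=1 HTTP/1.1" 302 0
10.0.0.9 - - [12/Mar/2023:10:00:02 +0000] "GET /mantis/wiki.php?type=project&id=2 HTTP/1.1" 302 0
10.0.0.9 - - [12/Mar/2023:10:00:03 +0000] "GET /mantis/wiki.php?type=project&id=3 HTTP/1.1" 302 0
10.0.0.9 - - [12/Mar/2023:10:00:03 +0000] "GET /mantis/wiki.php?type=project&id=4 HTTP/1.1" 302 0
10.0.0.9 - - [12/Mar/2023:10:00:04 +0000] "GET /mantis/wiki.php?type=project&id=5 HTTP/1.1" 302 0
10.0.0.5 - alice [12/Mar/2023:10:00:05 +0000] "GET /mantis/wiki.php?type=project&id=12 HTTP/1.1" 302 0
"""

# client address, then the request path of a GET/POST line
LOG_RE = re.compile(r'^(?P<client>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (?P<path>\S+)')
# numeric id query parameter of a wiki.php request (assumed parameter name)
ID_RE = re.compile(r'/wiki\.php\?.*?\bid=(\d+)')


def wiki_ids_by_client(lines):
    """Map each client address to the ordered list of wiki.php ids it requested."""
    ids = defaultdict(list)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        id_match = ID_RE.search(m.group("path"))
        if id_match:
            ids[m.group("client")].append(int(id_match.group(1)))
    return ids


def find_enumeration(lines, min_run=5):
    """Return {client: (first_id, last_id)} for clients whose wiki.php requests
    contain a run of at least min_run strictly incrementing ids (longest run kept)."""
    hits = {}
    for client, seq in wiki_ids_by_client(lines).items():
        run_start = 0
        for i in range(1, len(seq) + 1):
            # a run ends at the end of the sequence or when the id does not increase by 1
            if i == len(seq) or seq[i] != seq[i - 1] + 1:
                length = i - run_start
                if length >= min_run and length > (hits.get(client, (0, -1))[1] - hits.get(client, (0, -1))[0] + 1):
                    hits[client] = (seq[run_start], seq[i - 1])
                run_start = i
    return hits
```

Run it over real logs with `find_enumeration(open(path).read().splitlines())`; alice's single lookup is ignored while the five-step walk from 10.0.0.9 is reported.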

Patches

The vulnerability has been fixed in MantisBT version 2.25.8 (https://github.com/mantisbt/mantisbt/commit/65c44883f9d24f3ccef066fb523c93d8fdd7afc1).

Workarounds

Disable wiki integration ($g_wiki_enable = OFF;).

References