First published: Thu Nov 07 2019(Updated: )
An access control issue in MantisBT before 1.2.13 allows users with "Reporter" permissions to change any issue to "New".
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Mantisbt Mantisbt | <1.2.13 | |
Debian Debian Linux | =6.0 | |
Debian Debian Linux | =7.0 | |
debian/mantis |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2013-1811 is an access control issue in MantisBT before 1.2.13 that allows users with "Reporter" permissions to change any issue to "New".
The severity of CVE-2013-1811 is medium with a CVSS score of 4.3.
To fix CVE-2013-1811, upgrade MantisBT to version 1.2.13 or later.
You can find more information about CVE-2013-1811 on the Debian Security Tracker and Debian Security Advisory websites.
The CWE of CVE-2013-1811 is CWE-20: Improper Input Validation.