Cleartext Storage of Database Password in Mantis 0.17.5 and Earlier

Cleartext Storage of Database Password in Mantis 0.17.5 and Earlier

CVE-2003-0499 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:P/A:N

Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.

Learn more about our User Device Pen Test.