Path Disclosure Vulnerability in MantisBT 2.10.0-development

Path Disclosure Vulnerability in MantisBT 2.10.0-development

CVE-2018-6526 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php.

Learn more about our Api Penetration Testing.