Security Advisory

CVE-2006-6574

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2006-12-15 19:00:00

Last updated 2024-08-07 20:33:59

Assigner mitre

State PUBLISHED

Description

Mantis before 1.1.0a2 does not implement per-item access control for Issue History (Bug History), which allows remote attackers to obtain sensitive information by reading the Change column, as demonstrated by the Change column of a custom field.

← Browse all CVEs View on cve.org ↗