2012-06-29 19:00:00
redhat
PUBLISHED
MantisBT before 1.2.9 does not properly check permissions, which allows remote authenticated users with manager privileges to (1) modify or (2) delete global categories.