Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

MantisBT 1.3.x < 1.3.4 Multiple Vulnerabilities



The remote web server is hosting an outdated web application that is vulnerable to multiple attack vectors.


Versions of MantisBT 1.3.x prior to 1.3.4 are affected by a flaw in the 'bug_update_page.php' script that is triggered as the 'view_handler_threshold' configuration value is not properly checked when editing handlers. This may allow a remote attacker to gain access to sensitive information.


Upgrade to MantisBT 1.3.4 or later.