View Issue Details

IDProjectCategoryView StatusLast Update
0027727mantisbtsecuritypublic2022-10-08 09:04
Reporterd3vpoo1 Assigned Todregad  
Status closedResolutionfixed 
Target Version2.24.4Fixed in Version2.24.4 
Summary0027727: CVE-2020-29605: Disclosure of private issue summary

Due to insufficient access level checks, any user allowed to perform Group Actions can get access to private Issues' Summary, using a crafted bug_actiongroup_page.php URL. Target Issues can be marked as private, or belong to a private Project.

Steps To Reproduce
  1. Login as unprivileged user (tested successfully with a VIEWER account)
  3. Behold the private issue's Summary in the list of selected issues
Additional Information

This vulnerability was originally reported by @d3vpoo1 in 0027357.

TagsNo tags attached.


related to 0027728 closeddregad CVE-2020-29604: Full disclosure of private issue contents, including bugnotes and attachments 
related to 0031086 closeddregad CVE-2023-22476: Private issue summary disclosure 
child of 0027357 closeddregad Attacker can leak private information via different functionality 




2020-12-07 17:59

developer   ~0064770

Last edited: 2020-12-07 18:05

CVE Request 997513 for CVE ID Request -- CVE-2020-29605 assigned

Related Changesets

MantisBT: master 12a9dcbb

2020-12-06 13:08


Details Diff
Prevent disclosure of private issue summary

Insufficient access level checks allowed an attacker to display private
issues' summary via Group Actions (bug_actiongroup_page.php).

Going through the provided list of issue IDs (bug_arr[]) and removing
any issues the user does not have access to, fixes the vulnerability.

Credits to d3vpoo1 ( for reporting the issue.

Fixes 0027727, 0027357, CVE-2020-29605
Affected Issues
0027357, 0027727
mod - bug_actiongroup_page.php Diff File

MantisBT: master 9322c8c9

2020-12-29 05:02


Details Diff
Per-project cache of view_bug_threshold

As suggested by @vboctor during review, the threshold can be different
in each project, so we need to check them individually.

Fixes 0027727
Affected Issues
mod - bug_actiongroup_page.php Diff File