ByteOS Network

NVD Vulnerability Details :

CVE-2024-45792

Analyzed

Source-security-advisories@github.com

Published At-30 Sep, 2024 | 15:15

Updated At-15 Aug, 2025 | 14:09

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Using a crafted POST request, an unprivileged, registered user is able to retrieve information about other users' personal system profiles. This vulnerability is fixed in 2.26.4.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	5.3	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary	3.1	6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CPE Matches

Mantis Bug Tracker (MantisBT)

>>mantisbt>>Versions before 2.26.4(exclusive)

cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-200	Primary	security-advisories@github.com
NVD-CWE-noinfo	Primary	nvd@nist.gov

References

Hyperlink	Source	Resource
https://github.com/mantisbt/mantisbt/commit/ef0f820284032350cc20a39ff9cb2010d5463b41	security-advisories@github.com	Patch
https://github.com/mantisbt/mantisbt/security/advisories/GHSA-h5q3-fjp4-2x7r	security-advisories@github.com	Patch Vendor Advisory
https://mantisbt.org/bugs/view.php?id=34640	security-advisories@github.com	Issue Tracking

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History