CVE-2020-25781 is a vulnerability in MantisBT
Published on September 30, 2020

An issue was discovered in file_download.php in MantisBT before 2.24.3. Users without access to view private issue notes are able to download the (supposedly private) attachments linked to these notes by accessing the corresponding file download URL directly.

NVD

Products Associated with CVE-2020-25781

Want to know whenever a new CVE is published for MantisBT? stack.watch will email you.

MantisBT

Exploit Probability

EPSS

0.93%

Percentile

55.76%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2020-25781 is a vulnerability in MantisBTPublished on September 30, 2020

Products Associated with CVE-2020-25781

Exploit Probability

CVE-2020-25781 is a vulnerability in MantisBT
Published on September 30, 2020