CVE-2020-35849 is a vulnerability in MantisBT
Published on December 30, 2020
An issue was discovered in MantisBT before 2.24.4. An incorrect access check in bug_revision_view_page.php allows an unprivileged attacker to view the Summary field of private issues, as well as bugnotes revisions, gaining access to potentially confidential information via the bugnote_id parameter.
Products Associated with CVE-2020-35849
Want to know whenever a new CVE is published for MantisBT? stack.watch will email you.
Exploit Probability
EPSS
1.60%
Percentile
72.63%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.