oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE request: mantis before 1.2.12

From: Damien Regad <damien.regad () merckgroup com>
Date: Fri, 18 Jan 2013 13:20:49 +0000 (UTC)
 <cve-assign@...> writes:

We didn't think this was about information disclosure. Our
interpretation is that CVE-2012-5522 (aka bug 14496) is about which
users are allowed to change the status of a bug:


A bit late to confirm, but anyway... The above analysis is absolutely correct.

Damien Regad
MantisBT developer
Previous By Date Next
Previous By Thread Next

Current thread: