CVE-2018-6526

CVE: CVE-2018-6526
Published: 2018-02-02T09:29Z
Vendor: mantisbt
Products: mantisbt
Versions: 2.10.0,
Description Language: en
Description: view_all_bug_page.php in MantisBT before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php.
References:
http://www.securityfocus.com/bid/103065
https://mantisbt.org/bugs/view.php?id=23921