CVE-2025-47776

High CVSS: 8.8

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Due to incorrect use of loose (==) instead of strict (===) comparison in the authentication code in versions 2.27.1 and below.PHP type juggling will cause certain MD5 hashes matching scientific notation to be interpreted as numbers. Instances using the MD5 login method allow an attacker who knows the victim's username and has access to an account with a password hash that evaluates to zero to log in without knowing the victim's actual password, by using any other password with a hash that also evaluates to zero This issue is fixed in version 2.27.2.

Vendor

Mantisbt

Product

Mantisbt

CWE

CWE-305

Yayın Tarihi

2025-11-04 21:15:37

Güncelleme

2025-11-10 17:59:50

Source Identifier

security-advisories@github.com

KEV Date Added

Kategoriler

CWE-305 Mantisbt HIGH Mantisbt 2025

Referanslar

https://github.com/mantisbt/mantisbt/commit/966554a19cf1bdbcfbfb3004766979faa748f9a2 https://github.com/mantisbt/mantisbt/security/advisories/GHSA-4v8w-gg5j-ph37

Benzer Kayıtlar

High

CVE-2026-33517

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, when deleting a Tag (tag_delete.php),…

High

CVE-2026-33548

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In version 2.28.0, improper escaping of tag names retriev…

Critical

CVE-2026-30849

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions prior to 2.28.1 running on MySQL family database…

Medium

CVE-2025-62520

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-…

Medium

CVE-2025-55155

Mantis Bug Tracker (MantisBT) is an open source issue tracker. In versions 2.27.1 and below, when a user edits their pro…

Medium

CVE-2025-46556

Mantis Bug Tracker (MantisBT) is an open source issue tracker. Versions 2.27.1 and below allow attackers to permanently…