GHSA-crmx-4p49-46m2 — medium GitHub Advisory (CVE-2026-34970) in composer/mantisbt/mantisbt

Description

MantisBT allows a bugnote author to access the note's Revisions page after losing access to the parent private issue.

Disclosure of the private Issue's Id and Summary. The bugnote full revision body remains secure.

None

Thanks to Vishal Shukla for discovering and responsibly reporting the issue.

Base score	Version	Severity	Vector
5.3	4.0	—	`CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N` Click to expand Attack vector (AV:N) Could be attacked over the internet or any normal routed network. Attack complexity (AC:L) Exploitation conditions are straightforward and stable. Attack requirements (AT:N) No additional preconditions are required beyond normal reachability. Privileges required (PR:L) Low privileges are required. User interaction (UI:N) No user interaction is required. Vulnerable system confidentiality impact (VC:L) Limited confidentiality impact on the vulnerable system. Vulnerable system integrity impact (VI:N) No integrity impact on the vulnerable system. Vulnerable system availability impact (VA:N) No availability impact on the vulnerable system. Subsequent system confidentiality impact (SC:N) No confidentiality impact on subsequent systems. Subsequent system integrity impact (SI:N) No integrity impact on subsequent systems. Subsequent system availability impact (SA:N) No availability impact on subsequent systems.

Type	Value
GHSA	GHSA-crmx-4p49-46m2 ↗
CVE	CVE-2026-34970 ↗

CWE id	Name
CWE-200	Exposure of Sensitive Information to an Unauthorized Actor

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem	Package	Vulnerable range	First patched	Vulnerable functions
composer	mantisbt/mantisbt	<= 2.28.1	2.28.2	—