CVE-2025-62520 | mantisbt Mantis Bug Tracker up to 2.27.1 Private Project manage_config_columns_page.php improper authorization (GHSA-g582-8vwr-68h2)

A vulnerability, which was classified as critical, was found in mantisbt Mantis Bug Tracker up to 2.27.1. The impacted element is an unknown function of the file manage_config_columns_page.php of the component Private Project Handler. Executing manipulation can lead to improper authorization.

This vulnerability appears as CVE-2025-62520. The attack may be performed from remote. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More