CVE-2012-1122

Name of the Vulnerable Software and Affected Versions MantisBT versions prior to 1.2.9

Description The issue concerns a permission checking flaw in bug actiongroup.php. This flaw allows remote authenticated users with certain privileges to bypass access restrictions and move bug reports to different projects.

Recommendations For versions prior to 1.2.9, update to version 1.2.9 or later to resolve the issue.