Mantisbt · Mantisbt · CVE-2023-44394
**Name of the Vulnerable Software and Affected Versions**
MantisBT versions prior to 2.258
**Description**
MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs.
**Recommendations**
For versions prior to 2.258, upgrade to version 2.258 or later.
For users unable to upgrade, disable wiki integration by setting `$g wiki enable = OFF;`.