Mantisbt · Mantisbt · CVE-2012-5523
**Name of the Vulnerable Software and Affected Versions**
MantisBT versions prior to 1.2.12
**Description**
The issue concerns the management of e-mail notifications about restricted bugs. It might allow remote authenticated users to obtain sensitive information by adding a note to a bug before losing permission to view that bug.
**Recommendations**
For versions prior to 1.2.12, update to version 1.2.12 or later to resolve the issue.