CVE-2025-47776: MantisBT vulnerable to authentication bypass for some passwords due to PHP type juggling
Due to an incorrect use of loose (==) instead of strict (===) comparison in the authentication code (core/authentication_api.php), PHP type juggling causes certain MD5 password hashes to be interpreted as numbers rather than compared as strings. A 32-character hex digest that consists only of decimal digits apart from a single letter e is a numeric string in scientific notation; in particular every digest of the form 0e followed by 30 digits evaluates to 0, so any two such digests compare equal under ==. For an account whose stored hash has this form, any candidate password whose MD5 digest also has this form is accepted as correct. A strict comparison, which compares the two strings byte for byte, does not have this problem.
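The following is an added example, not MantisBT code: it shows the loose-comparison bypass and the strict check side by side. The two inputs are real strings whose MD5 digests are well-known "magic hashes" (both start with 0e and continue with 30 digits); the function names and the hunter2 control value are illustrative and do not appear in the project.

```php
<?php
// Added example, not MantisBT code. Function names are illustrative.
// Two inputs whose MD5 digests are "magic hashes": 32 hex characters that
// happen to contain only decimal digits plus a single 'e', so PHP treats
// them as numeric strings in scientific notation (0e... evaluates to 0).
const VICTIM_PASSWORD   = '240610708'; // md5 = 0e462097431906509019562988736854
const ATTACKER_PASSWORD = 'QNKCDZO';   // md5 = 0e830400451993494058024219903391

// Does this hex digest parse as a number? Among hex characters only 'e' can
// act as an exponent marker, so the dangerous shape is digits, 'e', digits.
function isMagicHash(string $hex): bool {
    return preg_match('/^\d+e\d+$/', $hex) === 1;
}

// Vulnerable pattern: loose comparison. When both operands are numeric
// strings PHP compares them as numbers (PHP 8 included), so any two
// 0e... digests are "equal".
function passwordMatchesLoose(string $storedHash, string $candidate): bool {
    return $storedHash == md5($candidate);
}

// Hardened pattern: byte-for-byte comparison. hash_equals() is also
// constant-time; === alone would stop the type juggling but not a timing leak.
function passwordMatchesStrict(string $storedHash, string $candidate): bool {
    return hash_equals($storedHash, md5($candidate));
}

$stored = md5(VICTIM_PASSWORD);
printf("stored hash %s, magic: %s\n", $stored, var_export(isMagicHash($stored), true));

foreach ([VICTIM_PASSWORD, ATTACKER_PASSWORD, 'hunter2'] as $candidate) {
    printf(
        "candidate %-10s  md5 magic: %-5s  loose: %-5s  strict: %s\n",
        $candidate,
        var_export(isMagicHash(md5($candidate)), true),
        var_export(passwordMatchesLoose($stored, $candidate), true),
        var_export(passwordMatchesStrict($stored, $candidate), true)
    );
}
```

Running this, the correct password passes both checks, the constructed hunter2 control fails both (its digest is not a numeric string, so == falls back to string comparison), and ATTACKER_PASSWORD passes only the loose check: the attacker never learns the victim's password, they only need the victim's stored digest to be a magic hash and a password of their own whose digest is also one. Roughly one MD5 digest in 3 x 10^8 has the 0e plus 30 digits shape (10^30 out of 16^32 values), which is why the advisory scopes the bypass to "some passwords". The behaviour does not depend on the PHP major version: PHP 8's saner string-to-number comparison changed number-versus-string comparisons, not numeric-string-versus-numeric-string ones.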
References
- github.com/advisories/GHSA-4v8w-gg5j-ph37
- github.com/mantisbt/mantisbt
- github.com/mantisbt/mantisbt/blob/0fb502dd613991e892ed2224ac5ea3e40ba632bc/core/authentication_api.php
- github.com/mantisbt/mantisbt/commit/966554a19cf1bdbcfbfb3004766979faa748f9a2
- github.com/mantisbt/mantisbt/security/advisories/GHSA-4v8w-gg5j-ph37
- mantisbt.org/bugs/view.php?id=35967
- nvd.nist.gov/vuln/detail/CVE-2025-47776