Common Vulnerabilities and Exposures assigned an identifier CVE-2014-9506 to
the following vulnerability:
MantisBT before 1.2.18 does not properly check permissions when
sending an email that indicates when a monitored issue is related to
another issue, which allows remote authenticated users to obtain
sensitive information about restricted issues.