oss-sec mailing list archives
RE: CVE-2014-6316: URL redirection issue in MantisBT
From: "P Richards" <paul () mantisforge org>
Date: Fri, 5 Dec 2014 22:35:15 -0000
"Paul Richards also found another redirection issue in permalink_page.php, which turned out to have the same root cause." And nik-picking here, but the issue that I identified in permalink_page.php I believe was a cross site scripting issue and not a URL redirection vulnerability so should probably be allocated a separate CVE identifier? The http request headers of the permalink_page.php issue that I recall are at http://tinypic.com/r/2dh8y1f/8 and relate to a XSS vulnerability and not a URL Redirection as shown in the image linked.
Current thread:
- CVE-2014-6316: URL redirection issue in MantisBT Damien Regad (Dec 03)
- RE: CVE-2014-6316: URL redirection issue in MantisBT P Richards (Dec 05)
- RE: CVE-2014-6316: URL redirection issue in MantisBT P Richards (Dec 05)