oss-sec mailing list archives
Re: MantisBT: XSS in custom fields management
From: cve-assign () mitre org
Date: Sat, 11 Jun 2016 11:37:06 -0400 (EDT)
> Please assign a CVE ID for the following issue.
>
> unescaped output of 'return URL' GPC parameter
> https://mantisbt.org/bugs/view.php?id=20956
> https://github.com/mantisbt/mantisbt/commit/5068df2dcf79c34741c746c9b27e0083f2a374da
> https://github.com/mantisbt/mantisbt/commit/11ab3d6c82a1d3a89b1024f77349fb60a83743c5
As far as we can tell, this is best interpreted as a single XSS vulnerability, even though:

- "Also `print_bracket_link()` function doesn't check if link is `data:` or `javascript:`" is a separate observation
- the number of .php files changed in 1.2.x is different from the number of .php files changed in 1.3.x

Use CVE-2016-5364.

-- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA

[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
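An added illustration of the two defects discussed in this thread (a reflected 'return URL' parameter written without HTML escaping, and a link helper that does not reject `data:`/`javascript:` URLs), written by the editor and not taken from MantisBT or from the linked commits. The function names and the relative-path-only policy for the return URL are assumptions for the example; MantisBT's actual fix is in the commits cited above.

```php
<?php
// Editor's example, not MantisBT code. Helper names and the policy are hypothetical.

// Vulnerable pattern: the raw GPC value lands inside an href attribute, so both
// attribute breakout (") and dangerous URL schemes reach the browser unchanged.
function vulnerable_bracket_link(string $url, string $text): string {
    return '[ <a href="' . $url . '">' . $text . '</a> ]';
}

// Hardened: only accept a same-site relative path as the return target.
// Anything with a scheme (javascript:, data:, http://…), a scheme-relative
// form (//host), control characters or backslashes falls back to a default.
function safe_return_url(string $url, string $default = 'view_all_bug_page.php'): string {
    $url = trim($url);                                   // browsers ignore leading whitespace
    if ($url === ''
        || preg_match('/^[a-z][a-z0-9+.\-]*:/i', $url)  // any URL scheme
        || substr($url, 0, 2) === '//'                   // protocol-relative redirect
        || preg_match('/[\x00-\x1f\\\\]/', $url)) {      // control chars / backslash tricks
        return $default;
    }
    return $url;
}

// Validate the URL, then escape both the attribute value and the link text.
function safe_bracket_link(string $url, string $text): string {
    $href  = htmlspecialchars(safe_return_url($url), ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $label = htmlspecialchars($text, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return '[ <a href="' . $href . '">' . $label . '</a> ]';
}

// Constructed sample inputs standing in for the 'return' GPC parameter.
$inputs = [
    'view_all_bug_page.php?page_number=2',   // legitimate relative path: kept
    'javascript:alert(1)',                   // scheme: replaced by the default
    'data:text/html,x',                      // scheme: replaced by the default
    '//example.invalid/phish',               // scheme-relative: replaced
    '" onmouseover="alert(1)',               // attribute breakout: escaped
];
foreach ($inputs as $in) {
    echo "vulnerable: " . vulnerable_bracket_link($in, 'Back') . "\n";
    echo "hardened:   " . safe_bracket_link($in, 'Back') . "\n\n";
}
```

Running it side by side shows that escaping alone (`htmlspecialchars`) stops the attribute breakout but not a `javascript:` or `data:` href, which is why the scheme check in the thread's second observation is needed in addition to output encoding.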
Current thread:
- MantisBT: XSS in custom fields management Damien Regad (Jun 10)
- Re: MantisBT: XSS in custom fields management cve-assign (Jun 11)
- Re: MantisBT: XSS in custom fields management Damien Regad (Jun 11)
- Re: MantisBT: XSS in custom fields management cve-assign (Jun 11)