oss-sec mailing list archives
Advisory: XSS issues in MantisBT (CVE-2017-6797, CVE-2017-6799)
From: Damien Regad <dregad () mantisbt org>
Date: Fri, 10 Mar 2017 12:56:25 +0100
Please take note of the following 2 cross-site scripting issues in MantisBT Best regards Damien Regad MantisBT developer 1. CVE-2017-6797: XSS in bug_change_status_page.php A cross-site scripting (XSS) vulnerability in bug_change_status_page.php allows remote attackers to inject arbitrary JavaScript via the 'action_type' parameter. Affected versions: 1.3.0-beta.3 through 2.2.0 Fixed in versions: 1.3.7, 2.2.1 (not yet released) Patch: - 1.3: https://github.com/mantisbt/mantisbt/commit/a2d90ecabf3bcf3aa22ed9dbbecfd3d37902956f - 2.x: https://github.com/mantisbt/mantisbt/commit/c272c3f65da9677e505ff692b1f1e476b3afa56e Credits: Reported by Etienne Landais, fixed by Damien Regad (MantisBT developer) References: MantisBT issue tracker http://www.mantisbt.org/bugs/view.php?id=22486 2. CVE-2017-6799 - XSS in view_filters_page.php A cross-site scripting (XSS) vulnerability in view_filters_page.php allows remote attackers to inject arbitrary JavaScript via the 'view_type' parameter. Affected versions: 2.1.0 through 2.2.0; fixed Fixed in versions: 2.2.1 (not yet released) Patch: https://github.com/mantisbt/mantisbt/commit/1677251434b6e8b2be8f1d4376a3e78f7be14d95 Credits: Reported by Etienne Landais, fixed by Damien Regad (MantisBT developer) References: MantisBT issue tracker http://www.mantisbt.org/bugs/view.php?id=22497
Current thread:
- Advisory: XSS issues in MantisBT (CVE-2017-6797, CVE-2017-6799) Damien Regad (Mar 10)