oss-sec mailing list archives

Re: CVE request: MantisBT before 1.2.13 match_type XSS vulnerability


From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 18 Jan 2013 13:04:48 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/18/2013 04:31 AM, David Hicks wrote:
> Hi list,
>
> Jakub Galczyk discovered[1][2] a cross-site scripting (XSS)
> vulnerability in MantisBT 1.2.12 and earlier versions that allows
> a malicious person to trick the browser of a target user into
> executing arbitrary JavaScript via the URL:
> search.php?match_type="><script...
>
> This vulnerability is particularly wide-reaching due to search.php
> being usable by anonymous users on public-facing installations of
> MantisBT (no user account required).
>
> Patches against 1.2.x and master branches are attached and
> alternatively available at [2].
>
> References:
> [1] http://hauntit.blogspot.de/2013/01/en-mantis-bug-tracker-1212-persistent.html
> [2] http://www.mantisbt.org/bugs/view.php?id=15373
>
> The MantisBT project will release MantisBT 1.2.13 shortly and
> advise popular Linux distributions packaging MantisBT to either
> apply the patch or bump package versions to 1.2.13.
>
> Can a CVE ID please be assigned to this issue?
>
> With thanks,
> David Hicks
> MantisBT Developer
> #mantisbt irc.freenode.net
> http://www.mantisbt.org/bugs/
>
> Bcc: mantisbt-dev () lists sourceforge net


Please use CVE-2013-0197 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQ+arfAAoJEBYNRVNeJnmTmFEP/28iPEY+BZRxSnVeZEl+iK2c
N7jpChQMGr/Pm+R8Zvi/wtwWretAs/TLitXFO+smd6X0LnM5ar1U/9SnJj9a2Ep7
6ZOVDLRz7p6q8Op8twlFDYuAfnpWfAPe0ruEza5LFADyWEUUT0xXmv5NL+pqdF+0
sx+5GHOUVqjnvm4vNPdJL5v3IMpEDH+9OWEuSSAFJ+RUG2cXW181PdRIvVXmsO/S
/UcwiCJTLeM0VoYqFHt5r0aYpDGTAKoJs+9XPP/cfmK69rzG+HRx5IZXIrMbB3SY
liCMQcD22lWTJhPLA68zRAxTPnJO1ec7NmjntJ5Gp0m+0pVKtXI2DVJFgRPpdHFH
DIa30q9xsKof5d77QPisJkCJAJ+BvqLLG6PsMUwWlzF8vwGAmSHqzG8UZStMRe4W
IWu0uj2l87g2o4P5ulJCcFDIqKO8LwoDBcu8yaCyMPX3N6d0z9SGmQSwL08zdxq8
RXcN6vBQxNpnEBsyups99UyYXr5CEnXZqZlGfVbVNCz25yqLW8iPFZ6ihKN9jX7h
XDDG+u1AuGk+7WBJ5EqHXFA2NKFiEtghGtot14LrqXHst8g6cNlyKpbHvpakVRF0
F8yqqEzA4WYet0PTNnbHbA2jQoJ9l1n54GT51peNnocG+29m093tM7O5iF2daM/W
bUxSPRuQ1qI1i1iS5p46
=4IdZ
-----END PGP SIGNATURE-----
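The bug class in the quoted report, a query parameter reflected unescaped into the HTML that search.php rebuilds, as an added Python example that is not MantisBT's code and not the patch attached to the request. The `<input ... value="...">` template, the attribute context and the `alert(1)` body are assumptions chosen to match the payload shape given in the report (`match_type="><script...`): the leading `">` closes the attribute and the tag, and the `<script>` that follows lands as page content. The vulnerable renderer and the hardened one sit side by side with a crude reflection oracle; the PHP counterpart of the escaping shown here is htmlspecialchars() with ENT_QUOTES, which this page does not claim is what the MantisBT patch does.

```python
import html
from urllib.parse import parse_qs, urlencode

# Constructed template standing in for the search form that search.php
# rebuilds from its query parameters. Attribute context is an assumption;
# it matches the payload shape in the report: a leading "> closes the
# attribute and the tag, then a <script> tag follows as page content.
FORM_TEMPLATE = '<input type="hidden" name="match_type" value="{match_type}">'

# Constructed payload in the shape the report gives (match_type="><script...).
XSS_PAYLOAD = '"><script>alert(1)</script>'


def param(query_string: str, name: str) -> str:
    """Return the first value of a query-string parameter ("" if absent)."""
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_unescaped(query_string: str) -> str:
    """Vulnerable rendering: the raw parameter is interpolated into HTML."""
    return FORM_TEMPLATE.format(match_type=param(query_string, "match_type"))


def render_escaped(query_string: str) -> str:
    """Hardened rendering: escape for a double-quoted attribute context.

    quote=True is what matters here; html.escape without it leaves the
    closing double quote intact and the breakout still works.
    """
    return FORM_TEMPLATE.format(
        match_type=html.escape(param(query_string, "match_type"), quote=True)
    )


def reflects_script(rendered: str) -> bool:
    """Crude oracle: did a live <script> tag reach the output?"""
    return "<script" in rendered.lower()


def probe_url(base: str, payload: str = XSS_PAYLOAD) -> str:
    """Build the probe URL the report describes, percent-encoded for transport."""
    return f"{base}?{urlencode({'match_type': payload})}"


if __name__ == "__main__":
    # Hypothetical host; the request is never sent, the renderers run locally.
    url = probe_url("https://example.invalid/mantis/search.php")
    qs = url.split("?", 1)[1]
    print("probe URL:", url)
    print("unescaped:", render_unescaped(qs), "->", reflects_script(render_unescaped(qs)))
    print("escaped:  ", render_escaped(qs), "->", reflects_script(render_escaped(qs)))
```

Two things to take from it when checking an instance: percent-encoding on the wire changes nothing, since the server decodes the parameter before it is echoed, and escaping must be for the attribute context (quotes included), not just `<` and `>`, or the `">` breakout survives. The oracle is deliberately naive; a real check should look for the payload in the decoded response body, not just any `<script`.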

