oss-sec mailing list archives
Re: Re: Multiple CVE requests for MantisBT
From: Damien Regad <damien.regad () merckgroup com>
Date: Mon, 8 Apr 2013 23:30:19 +0200 (CEST)
Kurt Seifried <kseifried () redhat com> Wrote in message:
4. XSS issue on Configuration Report page when displaying complex value This issue affects Mantis 1.2.0rc1 and later. Lack of proper string escaping allows users (having admin access) to enter arbitrary javascript code and have it executed on the user's browser. Reference: http://www.mantisbt.org/bugs/view.php?id=15416Does this count as a proper release or does it fall into the "beta" classification?1.2.0rc1 was a beta release. The first "proper" release affected by this was 1.2.0Ok not assigning a CVE then, unless there are a large number of users betas don't get CVEs.Steve just pointed out I may have misread this. Is 1.2.0 vulnerable, and this is fixed in 1.2.1, or was it fixed in the 1.2.0 release (so ONLY 1.2.0-rc1 was affected)?
Not sure who Steve is, but he is absolutely correct - this affects all versions of Mantis *starting* with rc1 and until 1.2.13 included, so definitely non-beta releases are vulnerable.
Current thread:
- Multiple CVE requests for MantisBT Damien Regad (Apr 04)
- Re: Multiple CVE requests for MantisBT Kurt Seifried (Apr 05)
- Re: Multiple CVE requests for MantisBT Damien Regad (Apr 08)
- Re: Re: Multiple CVE requests for MantisBT Kurt Seifried (Apr 08)
- Re: Re: Multiple CVE requests for MantisBT Kurt Seifried (Apr 08)
- Re: Re: Multiple CVE requests for MantisBT Damien Regad (Apr 08)
- Re: Re: Re: Multiple CVE requests for MantisBT Kurt Seifried (Apr 08)
- Re: Multiple CVE requests for MantisBT Damien Regad (Apr 08)
- Re: Multiple CVE requests for MantisBT Kurt Seifried (Apr 05)