oss-sec mailing list archives
Re: CVE Request: XSS vulnerability in MantisBT 1.2.13
From: Damien Regad <dregad () mantisbt org>
Date: Sat, 22 Nov 2014 17:10:28 +0100
On 2014-11-20 00:11, cve-assign () mitre org wrote:

> https://github.com/mantisbt/mantisbt/commit/cabacdc291c251bfde0dc2a2c945c02cef41bf40
> the selection list in the filters
>
> Use CVE-2014-8986.
Thanks. Here's some additional information to document this CVE.

Description:
The MantisBT Configuration Report page (adm_config_report.php) did not check that the config value retrieved from the cookie was valid, allowing XSS attacks.

The severity of this issue is mitigated by the need to have a high-privileged account (by default, administrator) to access the configuration report page.

Affected versions: >= 1.2.13, <= 1.2.17
Fixed in versions: 1.2.18 (not yet released)
Patch: See Github [1]
Credit: Issue was discovered by Paul Richards, and jointly fixed by Paul Richards & Damien Regad (MantisBT Developer)
References: Further details available in our issue tracker [2]

D. Regad
MantisBT Developer
http://www.mantisbt.org

[1] http://github.com/mantisbt/mantisbt/commit/e326b73a
[2] http://www.mantisbt.org/bugs/view.php?id=17889
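The pattern behind this CVE, as an added illustration that is not MantisBT code and not the referenced patch: a page that preselects an entry in a filter list from a cookie value, first without validation (the flaw described above), then with an allowlist check followed by output escaping. The function names, the `config_option` cookie key and the list of valid options are assumptions constructed for the example.

```php
<?php
// Added illustration, not MantisBT's code. Models a selection list whose
// "selected" entry comes from a cookie, as the configuration report page did.

// Constructed allowlist of values the page legitimately knows about.
$valid_options = ['allow_signup', 'anonymous_account', 'bug_count_hyperlink_prefix'];

// Vulnerable pattern: the cookie value is trusted and echoed into the markup
// unchanged, so anything the client stored in the cookie becomes page content.
function render_option_vulnerable(array $cookie): string
{
    $selected = $cookie['config_option'] ?? '';
    return '<option value="' . $selected . '" selected>' . $selected . '</option>';
}

// Hardened pattern: reject any value not in the allowlist, then escape what is
// rendered anyway. The two layers are independent: the allowlist stops unknown
// values reaching the page, and escaping protects against a future change that
// adds an option name containing HTML metacharacters.
function render_option_hardened(array $cookie, array $valid_options): string
{
    $selected = $cookie['config_option'] ?? '';
    if (!in_array($selected, $valid_options, true)) {
        $selected = ''; // unknown or tampered value: fall back to "no selection"
    }
    $safe = htmlspecialchars($selected, ENT_QUOTES, 'UTF-8');
    return '<option value="' . $safe . '" selected>' . $safe . '</option>';
}

// Constructed cookie holding a tampered value with HTML metacharacters.
$tampered_cookie = ['config_option' => '"><b>injected</b>'];
// Constructed cookie holding a legitimate value.
$good_cookie = ['config_option' => 'allow_signup'];

echo render_option_vulnerable($tampered_cookie), "\n"; // markup breaks out of the attribute
echo render_option_hardened($tampered_cookie, $valid_options), "\n"; // empty, escaped option
echo render_option_hardened($good_cookie, $valid_options), "\n"; // allow_signup rendered normally
```

Run with `php example.php`. The first line shows the injected tag landing in the output; the hardened calls show that a value outside the allowlist is dropped while a known value passes through unchanged. The page's note about needing an administrator account still applies: validation here reduces the impact, but access control on the report page is a separate layer.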