oss-sec mailing list archives
Re: CVE-2014-6316: URL redirection issue in MantisBT
From: Damien Regad <dregad () mantisbt org>
Date: Sat, 14 Mar 2015 11:22:04 +0100
On 2014-12-05 23:35, P Richards wrote:
"Paul Richards also found another redirection issue in permalink_page.php,
> which turned out to have the same root cause."
And nik-picking here, but the issue that I identified in permalink_page.php
> I believe was a cross site scripting issue and not a URL redirection > vulnerability so should probably be allocated a separate CVE > identifier?For the record, you reported it to me as a redirection, in the PDF document you sent by e-mail.
Anyway, since I came upon this following up on another user's report for the same issue, I'm setting things straight now with a CVE request for the XSS:
http://thread.gmane.org/gmane.comp.security.oss.general/16119
Current thread:
- Re: CVE-2014-6316: URL redirection issue in MantisBT Damien Regad (Jan 10)
- Re: Re: CVE-2014-6316: URL redirection issue in MantisBT cve-assign (Jan 11)
- <Possible follow-ups>
- Re: CVE-2014-6316: URL redirection issue in MantisBT Damien Regad (Mar 14)