Re: CVE-2014-6316: URL redirection issue in MantisBT

[Damien Regad <dregad () mantisbt org>]

On 2014-12-05 23:35, P Richards wrote:
> "Paul Richards also found another redirection issue in permalink_page.php,
> which turned out to have the same root cause."
> And nik-picking here, but the issue that I identified in permalink_page.php
> I believe was a cross site scripting issue and not a URL redirection
> vulnerability so should probably be allocated a separate CVE
> identifier?

For the record, you reported it to me as a redirection, in the PDF 
document you sent by e-mail.

Anyway, since I came upon this following up on another user's report for 
the same issue, I'm setting things straight now with a CVE request for 
the XSS:

http://thread.gmane.org/gmane.comp.security.oss.general/16119