oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Advisory: XSS issues in MantisBT (CVE-2017-6797, CVE-2017-6799)

From: Damien Regad <dregad () mantisbt org>
Date: Fri, 10 Mar 2017 12:56:25 +0100
Please take note of the following 2 cross-site scripting issues in MantisBT

Best regards
Damien Regad
MantisBT developer


1. CVE-2017-6797: XSS in bug_change_status_page.php

A cross-site scripting (XSS) vulnerability in bug_change_status_page.php
allows remote attackers to inject arbitrary JavaScript via the
'action_type' parameter.

Affected versions: 1.3.0-beta.3 through 2.2.0
Fixed in versions: 1.3.7, 2.2.1 (not yet released)

Patch:
- 1.3:
https://github.com/mantisbt/mantisbt/commit/a2d90ecabf3bcf3aa22ed9dbbecfd3d37902956f
- 2.x:
https://github.com/mantisbt/mantisbt/commit/c272c3f65da9677e505ff692b1f1e476b3afa56e

Credits:
Reported by Etienne Landais, fixed by Damien Regad (MantisBT developer)

References:
MantisBT issue tracker http://www.mantisbt.org/bugs/view.php?id=22486


2. CVE-2017-6799 - XSS in view_filters_page.php

A cross-site scripting (XSS) vulnerability in view_filters_page.php allows
remote attackers to inject arbitrary JavaScript via the 'view_type'
parameter.

Affected versions: 2.1.0 through 2.2.0; fixed
Fixed in versions: 2.2.1 (not yet released)

Patch:
https://github.com/mantisbt/mantisbt/commit/1677251434b6e8b2be8f1d4376a3e78f7be14d95

Credits:
Reported by Etienne Landais, fixed by Damien Regad (MantisBT developer)

References:
MantisBT issue tracker http://www.mantisbt.org/bugs/view.php?id=22497
Previous By Date Next
Previous By Thread Next

Current thread: