View Issue Details

ID: 0012232
Project: mantisbt
Category: security
View Status: public
Last Update: 2011-08-02 12:35
Reporter: dhx
Assigned To: dhx
Priority: immediate
Severity: crash
Reproducibility: always
Status: closed
Resolution: fixed
Product Version: 1.2.2
Target Version: 1.2.3
Fixed in Version: 1.2.3
Summary: 0012232: Multiple XSS issues with custom field enumeration values
Description

MantisBT administrators (who can configure custom fields) can place malicious Javascript within the options they define for custom field enumeration/checkbox/radio/etc field types. These HTML-unsafe options are then printed to users throughout MantisBT (report, update, view, etc) without sanitisation.

This is low risk due to the need to be a MantisBT administrator to configure custom field values. Rather than being a pure security risk, this is more a case of allowing more characters to be used safely within custom field options.
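The escaping gap the report describes, as an added example written for this page rather than MantisBT's own code: a hypothetical PHP renderer for an enumeration custom field, shown in the vulnerable form that echoes option values verbatim and in the hardened form that HTML-encodes them. It assumes the possible values are stored as a single pipe-separated string.

```php
<?php
// Added example (not MantisBT's own code). Assumes an enumeration field's
// possible values are stored as one pipe-separated string, e.g. "low|medium|high".

// Vulnerable form: option values are written into the page verbatim, so any
// '<', '"', '\'' or '&' an administrator typed into the field definition lands
// in both the value="..." attribute and the option text unescaped.
function render_enum_select_unsafe(string $name, string $possible_values, string $selected = ''): string {
    $html = '<select name="' . $name . '">';
    foreach (explode('|', $possible_values) as $value) {
        $sel = ($value === $selected) ? ' selected="selected"' : '';
        $html .= '<option value="' . $value . '"' . $sel . '>' . $value . '</option>';
    }
    return $html . '</select>';
}

// Hardened form: every value is HTML-encoded with ENT_QUOTES, which covers both
// the attribute context (double and single quotes) and the text context (<, >, &).
// ENT_SUBSTITUTE replaces invalid UTF-8 instead of returning an empty string.
function render_enum_select_safe(string $name, string $possible_values, string $selected = ''): string {
    $esc = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $html = '<select name="' . $esc($name) . '">';
    foreach (explode('|', $possible_values) as $value) {
        $sel = ($value === $selected) ? ' selected="selected"' : '';
        $html .= '<option value="' . $esc($value) . '"' . $sel . '>' . $esc($value) . '</option>';
    }
    return $html . '</select>';
}

// Constructed sample: one option carries every character that breaks out of
// an HTML attribute or text node.
$values = 'ok|won\'t "fix" <yet>|a & b';
echo render_enum_select_unsafe('custom_field_1', $values, 'ok'), "\n";
echo render_enum_select_safe('custom_field_1', $values, 'ok'), "\n";
// In the hardened output the raw characters appear as &#039; &quot; &lt; &gt; &amp;
// and the browser still displays the original option text to the user.
```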

Tags: No tags attached.

Relationships

related to 0012370 (closed, giallu): Multiple XSS issues with custom field enumeration values

Activities

There are no notes attached to this issue.

Related Changesets

MantisBT: master 7ab71d01

2010-08-04 14:05:39

dhx

Fix 0012232: Multiple XSS issues with custom field enumeration values

MantisBT administrators (who can configure custom fields) can place
malicious Javascript within the options they define for custom field
enumeration/checkbox/radio/etc field types. These HTML-unsafe options
are then printed to users throughout MantisBT (report, update, view,
etc) without sanitisation.

This is low risk due to the need to be a MantisBT administrator to
configure custom field values. Rather than being a pure security risk,
this is more a case of allowing all characters to be used safely within
custom field options.
mod - core/cfdefs/cfdef_standard.php

MantisBT: master-1.2.x 243ff6f6

2010-08-04 14:05:39

dhx

Fix 0012232: Multiple XSS issues with custom field enumeration values

MantisBT administrators (who can configure custom fields) can place
malicious Javascript within the options they define for custom field
enumeration/checkbox/radio/etc field types. These HTML-unsafe options
are then printed to users throughout MantisBT (report, update, view,
etc) without sanitisation.

This is low risk due to the need to be a MantisBT administrator to
configure custom field values. Rather than being a pure security risk,
this is more a case of allowing all characters to be used safely within
custom field options.
mod - core/cfdefs/cfdef_standard.php

Issue History

Date Modified Username Field Change
2010-08-04 10:05 dhx New Issue
2010-08-04 10:05 dhx Status new => assigned
2010-08-04 10:05 dhx Assigned To => dhx
2010-08-04 10:07 dhx Changeset attached => MantisBT master 7ab71d01
2010-08-04 10:07 dhx Changeset attached => MantisBT master-1.2.x 243ff6f6
2010-08-04 10:07 dhx Resolution open => fixed
2010-08-04 10:07 dhx Fixed in Version => 1.2.3
2010-08-04 10:07 dhx Status assigned => resolved
2010-08-05 18:37 dhx View Status private => public
2010-09-18 19:12 giallu Issue cloned: 0012370
2010-09-18 19:12 giallu Relationship added related to 0012370
2011-08-02 12:35 dregad Status resolved => closed