View Issue Details

IDProjectCategoryView StatusLast Update
0019274mantisbtsecuritypublic2015-03-15 19:58
ReporterdregadAssigned Todregad 
PrioritynormalSeveritymajorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.3.0-beta.1 
Target Version1.3.0-beta.2Fixed in Version1.3.0-beta.2 
Summary0019274: CVE-2014-9571: XSS in install.php

This is a clone of 0017938 to track the vulnerability in 1.3.x branch

Additional Information

Advisory ID: HTB23243

Original report in 0017937

TagsNo tags attached.


duplicate of 0017938 closeddregad CVE-2014-9571: XSS in install.php 


There are no notes attached to this issue.

Related Changesets

MantisBT: master 132cd6d0

2014-12-27 12:47:58


Details Diff
Fix XSS in install.php

This vulnerability (CVE-2014-9571) was reported by High-Tech Bridge
Security Research Lab ( in issue 0017937
(advisory ID HTB23243).

The parameters are now properly sanitized before being displayed.

Fixes 0017938
mod - admin/install.php Diff File

Issue History

Date Modified Username Field Change
2015-01-27 04:49 dregad New Issue
2015-01-27 04:49 dregad Status new => assigned
2015-01-27 04:49 dregad Assigned To => dregad
2015-01-27 04:49 dregad Issue generated from: 0017938
2015-01-27 04:49 dregad Relationship added duplicate of 0017938
2015-01-27 04:52 dregad Status assigned => resolved
2015-01-27 04:52 dregad Fixed in Version => 1.3.0-beta.2
2015-01-27 04:52 dregad Resolution open => fixed
2015-01-27 04:56 dregad Changeset attached => MantisBT master 132cd6d0
2015-03-15 19:58 dregad Status resolved => closed