View Issue Details

ID: 0006544
Project: mantisbt
Category: security
View Status: public
Last Update: 2006-10-09 11:55
Reporter: thraxisp
Assigned To: thraxisp
Priority: normal
Severity: minor
Reproducibility: always
Status: closed
Resolution: fixed
Product Version: 0.19.3
Fixed in Version: 0.19.5
Summary: 0006544: XSS Vulnerability in project name (TKADV2005-11-002)
Description

It is possible to embed an XSS script into the project name at creation. This then shows up in several other pages.

From Thomas Waldegger [thomas.waldegger at morph3us dot org]

You should not allow users to add projects, filters, users and so on
with HTML/Script code in it.

Note: These configurations affect only the ">'' project.

Try to add a project with the name '"><script>alert(document.cookie)
</script>' and have a look at the following PHP files:

/manage_config_work_threshold_page.php
/manage_config_email_page.php
/manage_config_work_threshold_page.php
/changelog_page.php:
/print_all_bug_page.php:

These files do not filter the project name and so every time a certain
PHP file is loaded the JavaScript code gets executed. It's a harmless
bug, I know, but Mantis should handle this.

Tags: No tags attached.

Relationships

parent of 0006545 (closed, thraxisp): Port 0006544: XSS Vulnerability in project name (TKADV2005-11-002)
parent of 0006546 (closed, thraxisp): Port 0006544: XSS Vulnerability in project name (TKADV2005-11-002)

Activities

thraxisp (reporter), 2005-12-31 23:33, note ~0011856

Fixed in 0.19.3 stream for 0.19.5 release

bug_view_advanced_page.php -> 1.67.6.1
bug_view_page.php -> 1.70.6.1
changelog_page.php -> 1.9.6.1
manage_proj_create.php -> 1.6.4.1
print_all_bug_page.php -> 1.80.10.1
print_bug_page.php -> 1.51.10.1
core/string_api.php -> 1.62.4.2
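
The class of bug reported in this issue is a stored project name written into HTML without output encoding. The sketch below shows an unencoded render beside an encoded one. It is an added example, not MantisBT code: the function names (`render_option_raw`, `render_option_safe`, `html_encode`) and the sample rows are hypothetical and constructed for illustration.

```php
<?php
// Added example, not MantisBT code. Function names and sample data are hypothetical.

// Constructed sample rows, as they might come back from a project table.
$projects = [
    ['id' => 1, 'name' => 'Website'],
    ['id' => 2, 'name' => 'R&D "alpha"'],
    // Based on the project name given in the report above.
    ['id' => 3, 'name' => '"><script>alert(document.cookie)</script>'],
];

// Vulnerable pattern: the stored name is concatenated into markup as-is,
// so quotes and angle brackets in the name become part of the page.
function render_option_raw(array $p): string {
    return '<option value="' . $p['id'] . '" title="' . $p['name'] . '">'
         . $p['name'] . '</option>';
}

// Encode at output time. ENT_QUOTES covers both quote styles, so the same
// helper is safe for element content and for quoted attribute values.
function html_encode(string $s): string {
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_option_safe(array $p): string {
    $name = html_encode($p['name']);
    return '<option value="' . (int) $p['id'] . '" title="' . $name . '">'
         . $name . '</option>';
}

foreach ($projects as $p) {
    $raw  = render_option_raw($p);
    $safe = render_option_safe($p);
    // Check whether a script tag from the name survives into the markup.
    $raw_has_tag  = stripos($raw, '<script') !== false;
    $safe_has_tag = stripos($safe, '<script') !== false;
    printf("id=%d raw_injects=%s safe_injects=%s\n  %s\n",
        $p['id'], var_export($raw_has_tag, true),
        var_export($safe_has_tag, true), $safe);
}
```

Encoding belongs at every place the name is written out, since a name stored before any input filter was added is still in the database.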