| Anonymous | Login | Signup for a new account | 2010-02-08 20:47 EST |  |
| Main | My View | View Issues | Change Log | Roadmap | Wiki | ManTweet | Repositories |
| View Issue Details [ Jump to Notes ] [ Wiki ] | [ Issue History ] [ Print ] | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update | |
| 0006557 | mantisbt | security | public | 2006-01-04 22:42 | 2006-10-09 11:55 | |
| Reporter | thraxisp | |||||
| Assigned To | thraxisp | |||||
| Priority | normal | Severity | minor | Reproducibility | always | |
| Status | closed | Resolution | fixed | |||
| Platform | OS | OS Version | ||||
| Product Version | 1.0.0rc4 | |||||
| Target Version | Fixed in Version | 1.0.0rc5 | ||||
| Summary | 0006557: XSS Vulnerability in manage_user (TKADV2005-11-002) | |||||
| Description | It is possible to embed an XSS script into the sort field of the manage_user_page. It is then trapped in the use's cookies. From Thomas Waldegger [thomas.waldegger at morph3us dot org] You did not address the "MANTIS_MANAGE_COOKIE" cookie bug (XSS, unexploitable SQL-Injection, temporary defacement), the XSS vulnerabilities in `view_filters_page.php', `proj_doc_delete.php', `query_store_page.php', `query_store.php' and there are still a lot of scripts which do not properly validate user-supplied input. /manage_user_page.php: ?sort=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E&save=1 | |||||
| Tags | No tags attached. | |||||
| Attached Files | ||||||
 Relationships |
 Notes |
|
 (0011868)thraxisp (manager) 2006-01-04 22:55 |
Fixed in CVS. manage_user_page.php -> 1.59.8.1.2.1 core/database_api.php -> 1.46.6.1 |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2006-01-04 22:42 | thraxisp | New Issue | |
| 2006-01-04 22:42 | thraxisp | Assigned To | => thraxisp |
| 2006-01-04 22:42 | thraxisp | Issue generated from | 0006556 |
| 2006-01-04 22:42 | thraxisp | Relationship added | child of 0006556 |
| 2006-01-04 22:55 | thraxisp | Status | new => resolved |
| 2006-01-04 22:55 | thraxisp | Fixed in Version | => 1.0.0rc5 |
| 2006-01-04 22:55 | thraxisp | Resolution | open => fixed |
| 2006-01-04 22:55 | thraxisp | Note Added: 0011868 | |
| 2006-01-17 06:33 | vboctor | Status | resolved => closed |
| 2006-10-09 11:55 | thraxisp | View Status | private => public |
|
Issue History |
| MantisBT 1.2.0rc2 git live[^]
Copyright © 2000 - 2010 MantisBT Group
Time: 0.1840 seconds. memory usage: 1,801 KB |
 |