View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0007784mantisbtsecuritypublic2007-02-25 10:522007-12-21 04:17
Reporterlxg Assigned Tovboctor  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionfixed 
PlatformallOSallOS Versionall
Product Version1.0.6 
Target Version1.0.7Fixed in Version1.0.7 
Summary0007784: XSS vulnerabilities
Description

There are multiple Cross-Site-Scripting issues in MantisBT. For example, a user can insert JavaScript into his Full Name, thus making every client execute the JS when accessing a page displaying this information.

Steps To Reproduce
  • create user account, confirm registration, log in
  • edit your username and insert somewhere at the end of this field e.g. <script type="text/javascript">alert('XSS alert!');</script>
Additional Information

Usually some HTML should be allowed, but malicious HTML should be filtered out. There are some opensource libraries available (e.g. KSES) which do such a HTML filtering.

Alternatively (or as workaround), the PHP function strip_tags() will eliminate undesired HTML tags. It does however not discriminate on attributes, such as KSES et al. do.

TagsNo tags attached.

Relationships

parent of 0007795 closedvboctor Port 7784: XSS vulnerabilities 

Activities

There are no notes attached to this issue.