View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0008974mantisbtsecuritypublic2008-03-14 20:122008-06-17 02:48
Reporterthraxisp Assigned Tothraxisp  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.1.1 
Target Version1.1.2Fixed in Version1.1.2 
Summary0008974: XSS Vulnerability in filters
Description

Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities

Name Multiple Vulnerabilities in Mantis
Systems Affected Mantis 1.1.1 and possibly earlier versions
Severity
Impact (CVSSv2) (, vector: )
Vendor http://www.mantisbt.org/
Advisory
Authors Antonio "s4tan" Parata (s4tan AT ush DOT it)
Francesco "ascii" Ongaro (ascii AT ush DOT it)

A) XSS Vulnerabilities

We have found an XSS vulnerability in return_dynamic_filters.php. In order to exploit this vulnerability the attacker must be authenticated. Usually the anonymous user is allowed on typical installation, so the impact is a bit higher. The following url is a proof of concept:

http://www.example.com/mantis/return_dynamic_filters.php?filter_target=<script>alert(document.cookie);</script>

TagsNo tags attached.

Relationships

Relationship GraphDependency Graph
parent of 0008977 closedthraxisp Port 0008974: XSS Vulnerability in filters 

Activities

thraxisp

thraxisp

2008-03-14 21:43

reporter   ~0017358

fixed in svn r5116
giallu

giallu

2008-06-17 02:36

reporter   ~0018117

making it public. This is CVE-2008-2276