View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0008977mantisbtsecuritypublic2008-03-14 21:202008-08-11 09:42
Reporterthraxisp Assigned Tothraxisp  
PrioritynormalSeverityminorReproducibilityhave not tried
Status closedResolutionfixed 
Product Version1.1.1 
Target Version1.2.0a2Fixed in Version1.2.0a2 
Summary0008977: Port 0008974: XSS Vulnerability in filters
Description

Mantis Bug Tracker 1.1.1 Multiple Vulnerabilities

Name Multiple Vulnerabilities in Mantis
Systems Affected Mantis 1.1.1 and possibly earlier versions
Severity
Impact (CVSSv2) (, vector: )
Vendor http://www.mantisbt.org/
Advisory
Authors Antonio "s4tan" Parata (s4tan AT ush DOT it)
Francesco "ascii" Ongaro (ascii AT ush DOT it)

A) XSS Vulnerabilities

We have found an XSS vulnerability in return_dynamic_filters.php. In order to exploit this vulnerability the attacker must be authenticated. Usually the anonymous user is allowed on typical installation, so the impact is a bit higher. The following url is a proof of concept:

http://www.example.com/mantis/return_dynamic_filters.php?filter_target=<script>alert(document.cookie);</script>

TagsNo tags attached.

Relationships

child of 0008974 closedthraxisp XSS Vulnerability in filters 

Activities

thraxisp

thraxisp

2008-03-14 21:44

reporter   ~0017359

fixed in svn r5117
giallu

giallu

2008-05-29 03:05

reporter   ~0017939

Removing private status, as this is public now as part of CVE-2008-2276.

Rad Hat reference:
https://bugzilla.redhat.com/show_bug.cgi?id=448404