View Issue Details

ID: 0017698
Project: mantisbt
Category: security
View Status: public
Last Update: 2014-12-22 08:22
Reporter: shaheemirza
Assigned To: dregad
Priority: high
Severity: major
Reproducibility: always
Status: closed
Resolution: duplicate
Summary: 0017698: An Open Redirect Vulnerability discovered
Description

Hi,

I have discovered an Open Redirect vulnerability in MantisBT. My test ground is MantisHub, and I don't know what version is in use there.

Any logged-in user is vulnerable to this Bug.

PoC: https://root.mantishub.com/login_page.php?return=https%3A%2F%2Ftwitter.com%2Fshaheemirza

I have attached a screen-recorded video.

URL: https://www.dropbox.com/s/m42ngiio0ev2cy2/mantisbt-opendir.flv?dl=1

Regards,

Shahee Mirza
@shaheemirza

Steps To Reproduce

https://www.dropbox.com/s/m42ngiio0ev2cy2/mantisbt-opendir.flv?dl=1

Tags: No tags attached.

Relationships

duplicate of 0017648 (closed, dregad): CVE-2014-6316: URL redirection issue
related to 0017362 (closed, dregad): Multiple vulnerabilities in MantisBT

Activities

dregad (developer), 2014-09-23 04:55, ~0041296

On the basis of how 0017648 was handled by @grangeway, I'm resolving this as duplicate of 0017362.

For the record, CVE-2014-6316 was assigned to this issue.

dregad (developer), 2014-10-29 08:23, ~0041700

Changing relationships, as 0017648 is now used to track resolution of this issue.
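The report above describes the classic open-redirect pattern: a login page takes a `return` parameter and redirects to it after authentication without checking that the target stays on the site. The following is an added example of the kind of validation that closes this class of bug; it is not MantisBT's code or its actual fix. The function name, the `DEFAULT_LANDING` fallback page and the `trusted.example.org` host used in the usage call are assumptions constructed for the example. It goes slightly beyond the single PoC on the page by also rejecting protocol-relative (`//host`), backslash (`/\host`) and control-character variants that bypass naive prefix checks, and by allowing absolute URLs only on an exact host match.

```python
import re
from urllib.parse import urlsplit

# Hypothetical fallback page; stands in for whatever the application treats as
# its default landing page after login (assumption, not MantisBT's real value).
DEFAULT_LANDING = "/my_view_page.php"

# A site-local path must start with exactly one "/" that is not followed by
# another "/" or a "\": browsers resolve "//host", "///host" and "/\host"
# relative to the current scheme, i.e. as off-site URLs.
_LOCAL_PATH = re.compile(r"^/(?![/\\])")


def safe_return_target(return_param, allowed_hosts=frozenset(), default=DEFAULT_LANDING):
    """Return a redirect target that is safe to place in a Location header.

    Accepts a site-local path such as "/view.php?id=1", or an absolute http(s)
    URL whose host is exactly one of ``allowed_hosts``. Anything else, including
    an empty value, falls back to ``default``.
    """
    if not return_param:
        return default
    # Control characters and backslashes are rejected outright: some browsers
    # strip leading tabs/newlines and treat "\" as "/", which defeats checks
    # performed on the raw string.
    if any(ord(c) < 0x20 or c == "\x7f" for c in return_param) or "\\" in return_param:
        return default
    if _LOCAL_PATH.match(return_param):
        return return_param
    try:
        parts = urlsplit(return_param)
    except ValueError:  # e.g. malformed IPv6 literal
        return default
    # ``hostname`` is lower-cased and stripped of userinfo and port, so
    # "https://trusted.example.org@evil.net/" yields "evil.net" and is refused.
    # Exact membership is required: "trusted.example.org.evil.net" also fails.
    if parts.scheme in ("http", "https") and parts.hostname in allowed_hosts:
        return return_param
    return default


if __name__ == "__main__":
    # Constructed inputs, including the shape of the PoC from the report.
    samples = [
        "https://twitter.com/shaheemirza",
        "//twitter.com/shaheemirza",
        "/\\twitter.com",
        "\t//twitter.com",
        "javascript:alert(1)",
        "/view.php?id=1",
        "https://trusted.example.org/view.php?id=1",
        "https://trusted.example.org@twitter.com/",
    ]
    for s in samples:
        print(repr(s), "->", safe_return_target(s, allowed_hosts={"trusted.example.org"}))
```

The check is allow-list based (local path or exact trusted host) rather than a deny-list of bad prefixes, which is what makes the protocol-relative and backslash variants fall out naturally; a deployment that never needs cross-host returns can simply leave `allowed_hosts` empty.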