View Issue Details

IDProjectCategoryView StatusLast Update
0019493mantisbtsecuritypublic2015-03-27 04:41
ReporterTWSpidersAssigned Todregad 
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version1.1.0a4 
Target VersionFixed in Version1.2.19 
Summary0019493: CVE-2014-9701: XSS vulnerability in permalink_page.php
Description

This issue was previously reported in 0019384. However, it was advised to create a new issue for requesting a CVE number.

Mantis 1.2.18 and prior are vulnerable to a XSS vulnerability in the 'permalink_page.php' page

Steps To Reproduce

Finding 1: Cross-Site Scripting Vulnerability in 'permalink_page.php' page

#Request:
GET /mantisbt/permalink_page.php?url=javascript:alert("XSS")// HTTP/1.1
Host: a.b.c.d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:26.0) Gecko/20100101
Firefox/26.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=v7ca97s16ee4o7p3a7esqne0t0; MANTIS_secure_session=0;
MANTIS_STRING_COOKIE=b8f1c62e064b83ba98bdb851209e58869db6d583519ec51485107cc05f718602;
MANTIS_MANAGE_USERS_COOKIE=0%3Adate_created%3AASC%3A0
Connection: keep-alive

TagsNo tags attached.

Relationships

related to 0019384 closedatrol Multiple Cross-Site Scripting Vulnerabilities 
has duplicate 0019504 closeddregad CVE-2014-9701: XSS vulnerability in permalink_page.php 
related to 0017362 closeddregad Multiple vulnerabilities in MantisBT 

Activities

TWSpiders

TWSpiders

2015-03-12 22:25

reporter  

mantisBT_XSS.png (76,038 bytes)
mantisBT_XSS.png (76,038 bytes)
dregad

dregad

2015-03-14 05:14

developer   ~0049211

For the record, this specific XSS issue on permalink_page.php was previously reported by grangeway in 0017362:0040613 (the follow-up took place off-line via e-mail/IRC), so if any credit is to be given for this discovery, it would go to him.

dregad

dregad

2015-03-14 05:22

developer   ~0049213

Last edited: 2015-03-14 05:23

View 2 revisions

See also http://thread.gmane.org/gmane.comp.security.oss.general/14977/focus=15022

dregad

dregad

2015-03-14 06:29

developer   ~0049214

CVE request http://thread.gmane.org/gmane.comp.security.oss.general/16119

TWSpiders

TWSpiders

2015-03-17 13:26

reporter   ~0049248

This is requested for tracking purposes only. Thank you.

Issue History

Date Modified Username Field Change
2015-03-12 22:25 TWSpiders New Issue
2015-03-12 22:25 TWSpiders File Added: mantisBT_XSS.png
2015-03-13 06:48 dregad Relationship added related to 0019384
2015-03-14 05:14 dregad Status new => acknowledged
2015-03-14 05:14 dregad Product Version 1.2.18 => 1.1.0a4
2015-03-14 05:14 dregad Fixed in Version => 1.2.19
2015-03-14 05:14 dregad Note Added: 0049211
2015-03-14 05:17 dregad Status acknowledged => resolved
2015-03-14 05:17 dregad Resolution open => fixed
2015-03-14 05:17 dregad View Status private => public
2015-03-14 05:19 dregad Relationship added related to 0017362
2015-03-14 05:22 dregad Note Added: 0049213
2015-03-14 05:23 dregad Note Edited: 0049213 View Revisions
2015-03-14 05:50 dregad Description Updated View Revisions
2015-03-14 06:29 dregad Note Added: 0049214
2015-03-15 13:17 dregad Summary Cross-Site Scripting Vulnerability in 'permalink_page.php' page => CVE-2014-9701: XSS vulnerability in permalink_page.php
2015-03-15 13:22 dregad Issue cloned: 0019504
2015-03-15 13:22 dregad Relationship added has duplicate 0019504
2015-03-17 13:26 TWSpiders Note Added: 0049248
2015-03-25 17:52 atrol Assigned To => atrol
2015-03-25 17:52 atrol Status resolved => closed
2015-03-27 04:41 dregad Assigned To atrol => dregad