Bug 948977 (CVE-2013-1932) - CVE-2013-1932 mantis: XSS on the Configuration Report page
Summary: CVE-2013-1932 mantis: XSS on the Configuration Report page
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2013-1932
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-04-05 15:06 UTC by Jan Lieskovsky
Modified: 2019-09-29 13:02 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-04-05 15:11:08 UTC


Attachments (Terms of Use)

Description Jan Lieskovsky 2013-04-05 15:06:00 UTC
A cross-site scripting (XSS) flaw was found in the way MantisBT, a web-based issue tracking system, sanitized project name when displaying the project list for a particular filter. A remote attacker could provide a specially-crafted URL that, when visited would lead to arbitrary HTML or web script execution in the context of the MantisBT user's session.

References:
[1] http://www.openwall.com/lists/oss-security/2013/04/04/8

Upstream ticket:
[2] http://www.mantisbt.org/bugs/view.php?id=15415

Upstream patch:
[3] http://github.com/mantisbt/mantisbt/commit/c61dc631b4c37547a25e1306ed90aa09e9e1b837 (against 1.2.x branch)

Introduced by:
[4] https://github.com/mantisbt/mantisbt/commit/e539dd68df6b5efa79869ba8f6a0427fb5aa7835

Comment 1 Jan Lieskovsky 2013-04-05 15:11:08 UTC
This issue did NOT affect the versions of the mantis package, as shipped with Fedora release of 17, 18, and Fedora EPEL-5 (the former two already contain the upstream fix, the latter third one was not vulnerable to the problem).

Comment 2 Jan Lieskovsky 2013-04-09 09:57:50 UTC
The CVE identifier of CVE-2013-1932 has been assigned to this issue:
  http://www.openwall.com/lists/oss-security/2013/04/06/4


Note You need to log in before you can comment on or make changes to this bug.