Hide Forgot
The following issue was found in MantisBT: Use of unsanitized parameters in this admin page allow an attacker to execute arbitrary JavaScript code. This issue is fixed in the yet-to-be released 1.2.18 release of MantisBT. Upstream Patch: http://github.com/mantisbt/mantisbt/commit/e5fc835a Upstream issue details: http://www.mantisbt.org/bugs/view.php?id=17876 http://www.offensive-security.com/bug-bounty-program/ CVE request: http://seclists.org/oss-sec/2014/q4/867
Created mantis tracking bugs for this issue: Affects: fedora-all [bug 1170194]
*** Bug 1170197 has been marked as a duplicate of this bug. ***
This issue is tracked under one CVE along with: An attacker could upload a malicious Flash file renamed to bear a recognized image extension (e.g. xss.swf ==> screenshot.png). Since by default MantisBT is configured to allow images to be displayed inline, it is possible to get the Flash to execute. This issue is fixed in the yet-to-be released 1.2.18 release of MantisBT. Upstream Patch: http://github.com/mantisbt/mantisbt/commit/9fb8cf36f Upstream issue details: http://www.mantisbt.org/bugs/view.php?id=17874 CVE assignment: http://seclists.org/oss-sec/2014/q4/902
As per MITRE this should be tracked as CVE-2014-9281 http://seclists.org/oss-sec/2014/q4/924
mantis-1.2.18-1.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.
mantis-1.2.18-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
mantis-1.2.18-1.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.