It was found that the fix for CVE-2014-6316 was incomplete: With certain browsers (FF 34, Chrome 39 but not IE11) it is still possible to effect a cross-domain redirection using a redirect address having a single slash, e.g. - http://example.com/mantis/login_page.php?return=https:/google.com or - https://example.com/mantis/login_page.php?return=http:/google.com Upstream bug: https://www.mantisbt.org/bugs/view.php?id=17997 Other References: http://seclists.org/oss-sec/2015/q1/110
Created mantis tracking bugs for this issue: Affects: fedora-all [bug 1181122]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.