A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter, if Content Security Protection (CSP) settings allows it. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Note that this vulnerability is not exploitable if the admin tools directory is removed, as recommended in the "Post-installation and upgrade tasks" of the MantisBT Admin Guide. A reminder to do so is also displayed on the login page.
References
Link | Resource |
---|---|
http://openwall.com/lists/oss-security/2017/03/30/4 | Mailing List Third Party Advisory |
http://www.mantisbt.org/bugs/view.php?id=22568 | Exploit Patch Vendor Advisory |
http://www.securityfocus.com/bid/97253 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1038169 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-03-31T04:26:00
Updated: 2017-07-11T09:57:01
Reserved: 2017-03-23T00:00:00
Link: CVE-2017-7241
JSON object: View
NVD Information
Status : Modified
Published: 2017-03-31T04:59:00.250
Modified: 2017-07-12T01:29:19.737
Link: CVE-2017-7241
JSON object: View
Redhat Information
No data.
CWE