An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute.
References
Link | Resource |
---|---|
https://mantisbt.org/blog/archives/mantisbt/719 | Release Notes Vendor Advisory |
https://mantisbt.org/bugs/view.php?id=29135 | Exploit Issue Tracking Vendor Advisory |
https://mantisbt.org/bugs/view.php?id=30384 | Exploit Issue Tracking Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-06-24T16:45:56
Updated: 2022-06-24T16:45:56
Reserved: 2022-06-17T00:00:00
Link: CVE-2022-33910
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-06-24T17:15:08.850
Modified: 2022-07-06T16:19:49.023
Link: CVE-2022-33910
JSON object: View
Redhat Information
No data.
CWE