CVE-2007-6611 - Cross-Site Scripting (XSS) vulnerability in Mantis 1.1.0a1

Publication

2008-01-03

Last modification

2008-11-15

Summary

Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename, related to bug_report.php.

Description

Mantis is prone to an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in dynamically generated content. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing an attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible.This issue affects versions prior to Mantis 1.1.0.

Solution

The vendor released Mantis 1.1.0 to address this issue. Please see the references for more information. Mantis Mantis 1.1.0a2 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0.0 RC5 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0rc2 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0a2 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0RC4 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0RC3 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0a1 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0a3 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0 .0rc1 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0 Mantis Mantis 1.0.1 Mantis mantis-1.1.0.tar.gz http://downloads.sourceforge.net/mantisbt/mantis-1.1.0.tar.gz?modtime= 1198104416&big_mirror=0

Exploit

Attackers can use a browser to exploit this issue.

Classification

CWE-79 - Cross-Site Scripting (XSS)

Risk level (CVSS AV:N/AC:M/Au:N/C:N/I:P/A:N)

Medium

4.3

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

Vendor Product Versions
Mantis Mantis  1.1.0A1