Mantis < 0.9.5 / 1.1.0 RC5 view.php HTML Injection
High Nessus Network Monitor Plugin ID 4326
SynopsisThe remote host is vulnerable to an HTML injection attack.
DescriptionThe remote host appears to be running a vulnerable version of Mantis, a bug tracker web application written in PHP. It is reported that versions lower than 1.1.0 are vulnerable to a persistent HTML injection attack. The root of the flaw is in the way that Mantis handles user-supplied data to the 'view.php' script. An attacker exploiting this flaw would only need the ability to send HTTP requests to the 'view.php' script. Successful exploitation would result in arbitrary code being executed within the browser of other Mantis users.
SolutionUpgrade to version 0.19.5, 1.0.0 RC5 or higher.