Mantis < 0.9.5 / 1.1.0 RC5 view.php HTML Injection

High Nessus Network Monitor Plugin ID 4326


The remote host is vulnerable to an HTML injection attack.


The remote host appears to be running a vulnerable version of Mantis, a bug tracker web application written in PHP. It is reported that versions lower than 1.1.0 are vulnerable to a persistent HTML injection attack. The root of the flaw is in the way that Mantis handles user-supplied data to the 'view.php' script. An attacker exploiting this flaw would only need the ability to send HTTP requests to the 'view.php' script. Successful exploitation would result in arbitrary code being executed within the browser of other Mantis users.


Upgrade to version 0.19.5, 1.0.0 RC5 or higher.

See Also

Plugin Details

Severity: High

ID: 4326

Family: CGI

Published: 2007/12/27

Modified: 2016/01/15

Dependencies: 1442

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C


Base Score: 7.3

Temporal Score: 6.8


Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mantisbt:mantisbt

Reference Information

CVE: CVE-2007-6611, CVE-2008-0404

BID: 27367, 27045