MantisBT 1.2.13 <= 1.2.19 XSS
Medium Nessus Network Monitor Plugin ID 8678
Synopsis
The remote web server is hosting an outdated web application that is vulnerable to multiple cross-site scripting attacks.
Description
The remote web server is hosting MantisBT, an open source bug tracking application written in PHP.
Versions of MantisBT 1.2.13 through 1.2.19 are affected by two cross-site scripting vulnerabilities in the 'adm_config_report.php' script due to a lack of user input sanitization. The first affects the 'filter_config_id' parameter of the 'adm_config_report.php' script. The second arises because user-supplied input submitted when saving filter form variables is not checked for validity when it is passed to the script. A remote attacker could craft a request that, when followed by a user, executes arbitrary script code in that user's browser session within the trust relationship between the browser and the server.
Solution
Upgrade to MantisBT 1.2.20 or later.
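The following is an added example written for this page; it is not Tenable plugin code and not MantisBT code. It shows the two checks a practitioner would run against the advisory: a numeric version-range test for the affected releases (1.2.13 through 1.2.19, fixed in 1.2.20), and a reflection test for the 'filter_config_id' parameter of adm_config_report.php that classifies whether a response echoes a probe value raw, HTML-escaped, or in some other form. The probe URL layout, the session requirement and the three sample responses are assumptions constructed for illustration so the script runs offline; the token name and helper function names are hypothetical.

```python
"""Offline helpers for checking a MantisBT instance against this advisory.

Added example, not Tenable's plugin code or MantisBT code. Two checks:
  1. a version-range test for the affected releases (1.2.13 through 1.2.19);
  2. a reflection test for the 'filter_config_id' parameter of
     adm_config_report.php, run here against constructed HTML responses
     instead of a live server.
The probe URL layout and the sample responses are assumptions for illustration.
"""
import html
import re
from urllib.parse import urlencode

# Affected range stated by the advisory: 1.2.13 <= version <= 1.2.19.
VULN_MIN = (1, 2, 13)
FIXED = (1, 2, 20)        # first release with the fix


def parse_version(text):
    """Return (major, minor, patch) from a version string, or None.

    Tuples compare numerically, so 1.2.9 < 1.2.13 as intended; a plain
    string comparison would get that wrong.
    """
    m = re.match(r"^\s*(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    return tuple(int(part) for part in m.groups())


def is_vulnerable_version(text):
    """True only for versions inside the advisory's affected range."""
    v = parse_version(text)
    return v is not None and VULN_MIN <= v < FIXED


# Probe value: a unique token followed by the characters that must be escaped
# before being placed inside an HTML attribute value. '&' and "'" are left out
# so that html.escape() yields the same text PHP's htmlspecialchars() would.
TOKEN = "nnm8678x"                      # hypothetical marker, chosen for this example
CANARY = TOKEN + '"<>'


def build_probe_url(base_url, canary):
    """URL that reflects the canary through the affected parameter.

    Assumption: the page is reachable at <base>/adm_config_report.php and the
    request is sent with a valid MantisBT session cookie (not shown here).
    """
    return base_url.rstrip("/") + "/adm_config_report.php?" + urlencode(
        {"filter_config_id": canary}
    )


def classify_reflection(body, canary):
    """Classify how a response body reflects the canary.

    'unescaped'      : raw canary present -> attribute/tag breakout possible
    'escaped'        : only the HTML-entity form present -> sanitized
    'reflected_other': token present but in some other encoding; inspect by hand
    'not_reflected'  : parameter not echoed at all
    """
    if canary in body:
        return "unescaped"
    if html.escape(canary, quote=True) in body:
        return "escaped"
    if TOKEN in body:
        return "reflected_other"
    return "not_reflected"


# Constructed responses standing in for a live server (not captured output).
VULNERABLE_RESPONSE = (
    '<input type="text" name="filter_config_id" value="' + CANARY + '">'
)
PATCHED_RESPONSE = (
    '<input type="text" name="filter_config_id" value="'
    + html.escape(CANARY, quote=True) + '">'
)
PARTIAL_RESPONSE = (
    # only angle brackets encoded; the quote still closes the attribute early
    '<input type="text" name="filter_config_id" value="'
    + CANARY.replace("<", "&lt;").replace(">", "&gt;") + '">'
)


if __name__ == "__main__":
    for ver in ("1.2.12", "1.2.13", "1.2.19", "1.2.20"):
        print(ver, "vulnerable" if is_vulnerable_version(ver) else "not affected")
    print(build_probe_url("http://mantis.example", CANARY))
    for name, body in (("vulnerable", VULNERABLE_RESPONSE),
                       ("patched", PATCHED_RESPONSE),
                       ("partial", PARTIAL_RESPONSE)):
        print(name, "->", classify_reflection(body, CANARY))
```

The 'reflected_other' outcome is deliberate: an application that encodes only angle brackets but leaves the double quote raw still allows an attribute breakout, yet neither the raw nor the fully escaped probe matches, so the tester is told to look at the response rather than being given a false clean result. Against a real target the probe must be sent with an authenticated session, since the admin configuration report is not reachable anonymously (assumption stated in the code).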