MantisBT 1.2.x < 1.2.18 Multiple Vulnerabilities
Severity: Medium | Nessus Network Monitor Plugin ID 8905
Synopsis
The remote web server is hosting a web application that is vulnerable to multiple attack vectors.
Description
The remote web server is hosting MantisBT, an open source bug tracking application written in PHP.
Versions of MantisBT 1.2.x prior to 1.2.18 are affected by the following vulnerabilities:
- An open redirect exists in the URL sanitization code in 'core/string_api.php'. A remote attacker could craft a MantisBT link that sends the user to an arbitrary external site, which is useful for phishing. (CVE-2014-6316)
- An input validation flaw exists in 'helper_api.php' when the 'extended project browser' mode is enabled. The value of the 'project' cookie is not sanitized before being written into the page, so an attacker who can set or modify that cookie in a victim's browser could inject arbitrary web script or HTML. (CVE-2014-9269)
Solution
Upgrade to MantisBT 1.2.18 or later.
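A version check that mirrors this plugin's affected range, written as an added example (it is not the Nessus plugin's own code and not code from the MantisBT project). It pulls a MantisBT version string out of an HTTP response body and flags only 1.2.x releases below 1.2.18. The HTML fragments are constructed samples, not captured from a real host, and the regex assumes the version appears in the page as "MantisBT x.y.z", "Mantis x.y.z" or "Mantis Bugtracker x.y.z"; a pre-release tag on 1.2.18 itself is treated as still affected, which is a conservative assumption rather than something the advisory states.

```python
import re
from typing import Optional, Tuple

# The first fixed release named in the advisory.
FIXED_VERSION = (1, 2, 18)

# Constructed sample response fragments (hypothetical, not real captures).
SAMPLE_RESPONSES = {
    "vulnerable": '<p class="small">Powered by <a href="http://www.mantisbt.org">'
                  'Mantis Bugtracker</a> 1.2.17</p>',
    "prerelease": '<meta name="generator" content="MantisBT 1.2.18-dev">',
    "fixed": '<meta name="generator" content="MantisBT 1.2.19">',
    "other_branch": '<p class="small">MantisBT 1.3.0</p>',
    "no_version": "<html><body>Login</body></html>",
}

# Assumed banner forms. The optional suffix group catches tags such as
# "-dev", "rc1", "beta2" so a pre-release is not mistaken for the final release.
VERSION_RE = re.compile(
    r"Mantis(?:BT|\s+Bugtracker)?(?:</a>)?\s+"
    r"(\d+)\.(\d+)\.(\d+)"
    r"(?P<suffix>-?(?:dev|rc|beta|alpha|a|b)\d*)?",
    re.IGNORECASE,
)


def extract_version(body: str) -> Optional[Tuple[int, int, int, bool]]:
    """Return (major, minor, patch, is_prerelease) or None if no banner is found."""
    m = VERSION_RE.search(body)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.group(1, 2, 3))
    return major, minor, patch, bool(m.group("suffix"))


def is_affected(major: int, minor: int, patch: int, prerelease: bool = False) -> bool:
    """True only inside the range the advisory covers: 1.2.x with x < 18.

    Other branches (1.1.x, 1.3.x) are outside this plugin's scope and return
    False here; that is "not covered", not "known safe".
    A pre-release of 1.2.18 is treated as affected (conservative assumption).
    """
    if (major, minor) != FIXED_VERSION[:2]:
        return False
    if patch < FIXED_VERSION[2]:
        return True
    return patch == FIXED_VERSION[2] and prerelease


def check(body: str) -> Tuple[str, Optional[Tuple[int, int, int]]]:
    """Classify a response body as 'vulnerable', 'not_affected' or 'unknown'."""
    parsed = extract_version(body)
    if parsed is None:
        return "unknown", None
    major, minor, patch, pre = parsed
    verdict = "vulnerable" if is_affected(major, minor, patch, pre) else "not_affected"
    return verdict, (major, minor, patch)


if __name__ == "__main__":
    for name, body in SAMPLE_RESPONSES.items():
        print(f"{name:13s} -> {check(body)}")
```

An "unknown" verdict means the banner was not found, not that the host is safe; MantisBT can hide its version from the footer, so a network-monitor style check like this one is only as good as the version exposure it relies on.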