SynopsisThe remote web server is hosting an outdated web application that is vulnerable to multiple attack vectors.
DescriptionVersions of MantisBT 1.3.x prior to 1.3.1 are affected by the following vulnerabilities :
- A flaw exists that allows a cross-site scripting (XSS) attack. This flaw exists because the 'view_all_bug_page.php' script does not validate input to the 'view_type' parameter before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. (CVE-2016-6837)
- A flaw exists that is triggered as the 'header()' function may replace a value when receiving a second instance of a variable. This may cause the default Gravatar plugin to overwrite the Content Security Policy (CSP) with its own, less strict version. This may allow a remote attacker to more easily conduct XSS attacks. (CVE-2016-7111)
SolutionUpgrade to MantisBT 1.3.1 or later.