#VU18913 Cross-site scripting in MantisBT - CVE-2018-16514

Cybersecurity Help s.r.o.

Published: 2019-06-25 | Updated: 2019-06-26

Vulnerability identifier: #VU18913

Vulnerability risk: Medium

CVSSv4.0: 0.5 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-16514

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MantisBT
Web applications / Other software

Vendor: mantisbt.sourceforge.net

Description

Vulnerability allows a remote attacker to perform Cross-site scripting attacks.

The vulnerability exists due to an input validation error in the "view_filters_page.php" and "manage_filter_edit_page.php" pages. A remote attacker is able to inject arbitrary code (if CSP settings permit it) through a crafted "PATH_INFO". This vulnerability exists because of an incomplete fix for XSS issue (SB2018080310)

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Install update from vendor's website.

Vulnerable software versions

MantisBT: 2.1.0 - 2.17.0

External links
https://mantisbt.org/bugs/view.php?id=24731

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Cross-site scripting in MantisBT