#VU18912 Cross-site scripting in MantisBT - CVE-2018-13055

Cybersecurity Help s.r.o.

Published: 2019-06-25 | Updated: 2019-06-26

Vulnerability identifier: #VU18912

Vulnerability risk: Medium

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Green]

CVE-ID: CVE-2018-13055

CWE-ID: CWE-79

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
MantisBT
Web applications / Other software

Vendor: mantisbt.sourceforge.net

Description

Vulnerability allows a remote attacker to perform XSS attacks.

The vulnerability is caused by an input validation error in the "view_filters_page.php" page. A remote attacker can inject arbitrary code (if CSP settings permit it) through a crafted "PATH_INFO".

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

Mitigation
Install update from vendor's website.

Vulnerable software versions

MantisBT: 2.1.0 - 2.17.0

External links
https://github.com/mantisbt/mantisbt/commit/4efac90ed89a5c009108b641e2e95683791a165a
https://mantisbt.org/blog/archives/mantisbt/602
https://mantisbt.org/bugs/view.php?id=24580

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Red Hat update for tomcat

Cross-site scripting in MantisBT