CVE-2017-12061 Information

Feb 14, 2021 cve

Description

An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized before being output allowing remote attackers to inject arbitrary JavaScript code as demonstrated by the $f_database $f_db_username and $f_admin_username variables. This is mitigated by the fact that the admin/ folder should be deleted after installation and also prevented by CSP.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Reference

http://openwall.com/lists/oss-security/2017/08/01/1 http://openwall.com/lists/oss-security/2017/08/01/2 http://www.securitytracker.com/id/1039030 https://github.com/mantisbt/mantisbt/commit/17f9b94f031ba93ae2a727bca0e68458ecd08fb0 https://github.com/mantisbt/mantisbt/commit/c73ae3d3d4dd4681489a9e697e8ade785e27cba5 https://mantisbt.org/bugs/view.php?id=23146

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

CHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

6.1

Share on: