CVE-2017-7241 Information

Description

A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of the admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter if the Content Security Policy (CSP) settings allow it. This is fixed in 1.3.9, 2.1.3 and 2.2.3. The CVSS vector (PR:H, UI:R) reflects that the page is only reachable by an administrator and that the victim must be made to follow a crafted link. Note that this vulnerability is not exploitable if the admin tools directory is removed as recommended in the "Post-installation and upgrade tasks" section of the MantisBT Admin Guide. A reminder to do so is also displayed on the login page.
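The description gives two conditions that must both hold for an install to be exposed: the admin tools directory is still present, and the running version predates the fix on its branch. The triage helper below is an added example, not MantisBT's own code. It assumes the admin tools live in admin/ under the install root (the directory the Admin Guide says to delete), that every release after the three fixed versions on its branch also carries the fix, and that 2.3 and later ship with it; it does not evaluate the CSP setting, which is the third factor the advisory names.

```shell
#!/bin/sh
# Triage helper for CVE-2017-7241 (added example, not part of MantisBT).
# Assumptions, labelled because the advisory does not state them:
#   - admin tools are at <install_root>/admin/ (move_attachments_page.php lives there)
#   - releases after 1.3.9 / 2.1.3 / 2.2.3 on their branch, and all 2.3+ releases,
#     contain the fix; 1.x branches other than 1.3 and the 2.0 branch are treated
#     as never fixed

# Split "MAJOR.MINOR.PATCH" into three integers (missing or junk parts become 0).
_ver_parts() {
    echo "$1" | awk -F. '{ printf "%d %d %d\n", $1+0, $2+0, $3+0 }'
}

# Prints "fixed" if VERSION is at or after the fixed release for its branch,
# otherwise "vulnerable".
mantis_version_status() {
    set -- $(_ver_parts "$1")
    major=$1; minor=$2; patch=$3
    status=vulnerable
    case "$major.$minor" in
        1.3) if [ "$patch" -ge 9 ]; then status=fixed; fi ;;
        2.1) if [ "$patch" -ge 3 ]; then status=fixed; fi ;;
        2.2) if [ "$patch" -ge 3 ]; then status=fixed; fi ;;
        *)   if [ "$major" -gt 2 ] || { [ "$major" -eq 2 ] && [ "$minor" -ge 3 ]; }; then
                 status=fixed   # assumption: 2.3+ carries the fix
             fi ;;
    esac
    echo "$status"
}

# Prints "present" if the vulnerable admin page is still reachable below ROOT,
# otherwise "absent".
mantis_admin_dir() {
    if [ -f "$1/admin/move_attachments_page.php" ]; then echo present; else echo absent; fi
}

# Combined verdict: "exposed" only when the page is still deployed AND the
# version predates the fix; removing admin/ alone is enough to close it.
cve_2017_7241_check() {
    root=$1; version=$2
    if [ "$(mantis_admin_dir "$root")" = present ] && \
       [ "$(mantis_version_status "$version")" = vulnerable ]; then
        echo exposed
    else
        echo "not exposed"
    fi
}

# Demo on a constructed install tree (not a real MantisBT checkout).
demo_root=$(mktemp -d)
mkdir -p "$demo_root/admin"
: > "$demo_root/admin/move_attachments_page.php"
echo "2.2.2, admin/ kept:    $(cve_2017_7241_check "$demo_root" 2.2.2)"   # exposed
echo "2.2.3, admin/ kept:    $(cve_2017_7241_check "$demo_root" 2.2.3)"   # not exposed
rm -rf "$demo_root/admin"
echo "2.2.2, admin/ removed: $(cve_2017_7241_check "$demo_root" 2.2.2)"   # not exposed
rm -rf "$demo_root"
```

Run it against a real install as `cve_2017_7241_check /var/www/mantisbt "$(cat /var/www/mantisbt/VERSION 2>/dev/null)"` or with the version string from the About page; a "not exposed" verdict from a removed admin/ directory is the mitigation the advisory itself recommends, independent of upgrading.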

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Reference

http://openwall.com/lists/oss-security/2017/03/30/4
http://www.mantisbt.org/bugs/view.php?id=22568
http://www.securityfocus.com/bid/97253
http://www.securitytracker.com/id/1038169

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

Base Score

4.8

Base Severity

MEDIUM
