few minutes ago I found an old nice persistent XSS in latest version of Mantis Bug Tracker (1.2.12).
 |
| Persistent XSS for admin |
This vulnerability exists for admin user, but same could be in other part of this webapp.
Update : 18.01.2013
Few minutes ago I spoke again with Developer Team.
After this little chat I have surprise for you: new Mantis BT is comming! :)
Update 21.01.2013
As you can see now (in comments) MantisBT is available for download and soon you can get
brand new version. Patch for this vulnerability, for now is available here .
Once again I would like to thanks MantisBT Team for a fast reply, great knowledge and excellent work! :)
Cheers! o/
Thanx for finding this. Can you provide the .php file and code to change in order to fix this? alternatively a patch?
ReplyDeletePlease refer to http://www.mantisbt.org/bugs/view.php?id=15373 for further details on the issue as well as the relevant patch.
ReplyDeleteMantisBT 1.2.13 will be released soon (probably sometime next week). Until then, can either apply the patch mentioned in the above link manually, or download a nightly build dated 18-Jan-2013 or later from http://www.mantisbt.org/builds/