View Issue Details

| Field | Value |
|---|---|
| ID | 0012231 |
| Project | mantisbt |
| Category | security |
| View Status | public |
| Date Submitted | 2010-08-04 09:15 |
| Last Update | 2022-03-01 02:26 |
| Reporter | jreese |
| Assigned To | dhx |
| Priority | normal |
| Severity | minor |
| Reproducibility | always |
| Status | closed |
| Resolution | fixed |
| Product Version | 1.2.2 |
| Target Version | 1.2.3 |
| Fixed in Version | 1.2.3 |
| Summary | 0012231: XSS vulnerability when uninstalling maliciously named plugins |
| Description | Found when investigating Secunia report SA40832. There is an XSS vulnerability when uninstalling plugins that have been maliciously named. Chance of attack is extremely low due to requiring site admin access to both install and uninstall plugins. |
| Tags | No tags attached. |
MantisBT: master 2e397700 2010-08-04 09:23

Fix 0012231: XSS vulnerability when uninstalling badly named plugins

John Reese discovered an XSS vulnerability with the uninstall confirmation message shown when plugins are being uninstalled. The plugin name is not escaped before being outputted and thus HTML unsafe characters are not sanitised. This doesn't actually pose a security risk because it requires someone to:

a) Have access to the server to rename a plugin in the PHP files
b) Have administrator access to the MantisBT installation

Affected Issues: 0012231

mod - manage_plugin_uninstall.php
MantisBT: master-1.2.x f60d0cfb 2010-08-04 09:23

Fix 0012231: XSS vulnerability when uninstalling badly named plugins

John Reese discovered an XSS vulnerability with the uninstall confirmation message shown when plugins are being uninstalled. The plugin name is not escaped before being outputted and thus HTML unsafe characters are not sanitised. This doesn't actually pose a security risk because it requires someone to:

a) Have access to the server to rename a plugin in the PHP files
b) Have administrator access to the MantisBT installation

Affected Issues: 0012231

mod - manage_plugin_uninstall.php