View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0026434 | mantisbt | security | public | 2019-12-05 14:14 | 2019-12-13 16:23 |

| Field | Value |
|---|---|
| Reporter | jingshaochen |
| Assigned To | |
| Priority | normal |
| Severity | major |
| Reproducibility | always |
| Status | new |
| Resolution | open |
| Product Version | 2.22.1 |
| Summary | 0026434: Use of _SERVER['HTTP_HOST'], _SERVER['SERVER_NAME'], and _SERVER['HTTP_X_FORWARDED_HOST'] should be avoided |
| Description | HTTP_HOST, HTTP_X_FORWARDED_HOST, and SERVER_NAME can be easily spoofed by inserting a Host header from the client side. Mantis uses that as the server hostname to construct every link. The use of those variables is integrated in Details on the vulnerability can be found here: http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html |
| Tags | No tags attached. |
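The pattern the report describes, next to two hardened alternatives, as an added example that is not MantisBT's code and does not reproduce how Mantis builds its links. It uses the CGI-style variable names PHP exposes in `$_SERVER` (HTTP_HOST, SERVER_NAME, HTTP_X_FORWARDED_HOST, REMOTE_ADDR) as keys of a plain dictionary; the hostnames, the trusted proxy range and the three sample requests are constructed for the demonstration. The first hardened form ignores the request entirely and uses a configured base URL; the second only trusts X-Forwarded-Host when the immediate peer is one of the deployment's own proxies and then checks the resulting host against an allowlist.

```python
"""Host-header trust: the vulnerable pattern beside two hardened forms.

Illustrative code written for this issue, not MantisBT's implementation. The
hostnames, proxy range and sample requests below are constructed.
"""
import ipaddress
import re

# --- constructed sample requests (CGI variable names as PHP's $_SERVER uses them) ---
HONEST_REQUEST = {
    "REQUEST_SCHEME": "https",
    "HTTP_HOST": "bugs.example.org",
    "SERVER_NAME": "bugs.example.org",
    "REMOTE_ADDR": "203.0.113.9",
}
# Same client, but it sent "Host: evil.example.net" plus a matching X-Forwarded-Host.
# On a name-based virtual host with no fixed ServerName, SERVER_NAME echoes the Host
# header as well, so none of the three variables can be trusted.
SPOOFED_REQUEST = {
    "REQUEST_SCHEME": "https",
    "HTTP_HOST": "evil.example.net",
    "SERVER_NAME": "evil.example.net",
    "HTTP_X_FORWARDED_HOST": "evil.example.net",
    "REMOTE_ADDR": "203.0.113.9",
}
# Request that came through the deployment's own reverse proxy: Host names the
# backend, the proxy placed the public name and scheme in X-Forwarded-* headers.
PROXIED_REQUEST = {
    "REQUEST_SCHEME": "http",
    "HTTP_HOST": "mantis-backend:8080",
    "SERVER_NAME": "mantis-backend",
    "HTTP_X_FORWARDED_HOST": "bugs.example.org",
    "HTTP_X_FORWARDED_PROTO": "https",
    "REMOTE_ADDR": "10.0.0.5",
}


# --- the vulnerable pattern ---------------------------------------------------------
def vulnerable_link(server, path):
    """Build an absolute URL from whatever host the request claims.
    A password-reset or verification mail built this way points at the attacker's host."""
    host = (server.get("HTTP_X_FORWARDED_HOST")
            or server.get("HTTP_HOST")
            or server.get("SERVER_NAME"))
    return f"{server.get('REQUEST_SCHEME', 'http')}://{host}{path}"


# --- hardened form 1: the base URL is deployment configuration, never request data ---
CANONICAL_BASE = "https://bugs.example.org"   # assumed configured value


def canonical_link(path):
    return CANONICAL_BASE + path


# --- hardened form 2: allowlist validation with trusted-proxy handling ---------------
ALLOWED_HOSTS = frozenset({"bugs.example.org", "tracker.example.org"})   # assumed
ALLOWED_PORTS = frozenset({80, 443})
TRUSTED_PROXIES = (ipaddress.ip_network("10.0.0.0/8"),)                  # assumed
# hostname with optional trailing dot and optional port; IPv6 literals are not accepted
_HOST_RE = re.compile(
    r"^(?P<name>[a-z0-9](?:[a-z0-9.-]*[a-z0-9])?\.?)(?::(?P<port>\d{1,5}))?$", re.I)


class BadHostHeader(ValueError):
    """The request does not name a host this deployment serves."""


def _from_trusted_proxy(server):
    peer = ipaddress.ip_address(server.get("REMOTE_ADDR", "0.0.0.0"))
    return any(peer in net for net in TRUSTED_PROXIES)


def validated_host(server):
    """Return "host" or "host:port" after checking it against the allowlist."""
    raw = server.get("HTTP_HOST", "")
    # X-Forwarded-Host is client-controlled unless our own proxy set it.
    if "HTTP_X_FORWARDED_HOST" in server and _from_trusted_proxy(server):
        raw = server["HTTP_X_FORWARDED_HOST"].split(",")[0]
    m = _HOST_RE.match(raw.strip())
    if not m:
        raise BadHostHeader(f"malformed Host: {raw!r}")
    name = m.group("name").lower().rstrip(".")
    if name not in ALLOWED_HOSTS:
        raise BadHostHeader(f"host not served here: {name!r}")
    if m.group("port") is None:
        return name
    port = int(m.group("port"))
    if port not in ALLOWED_PORTS:
        raise BadHostHeader(f"unexpected port: {port}")
    return f"{name}:{port}"


def validated_link(server, path):
    """Absolute URL using the validated host; scheme from the proxy only when trusted."""
    scheme = None
    if _from_trusted_proxy(server):
        scheme = server.get("HTTP_X_FORWARDED_PROTO")
    scheme = scheme or server.get("REQUEST_SCHEME", "http")
    if scheme not in ("http", "https"):
        raise BadHostHeader(f"unexpected scheme: {scheme!r}")
    return f"{scheme}://{validated_host(server)}{path}"


def accepts(server):
    """True if the request may name the host used in generated links."""
    try:
        validated_host(server)
        return True
    except BadHostHeader:
        return False


if __name__ == "__main__":
    for label, req in (("honest", HONEST_REQUEST), ("spoofed", SPOOFED_REQUEST)):
        print(label, "vulnerable:", vulnerable_link(req, "/verify.php"),
              "| validated:", validated_link(req, "/verify.php") if accepts(req) else "rejected")
```

The allowlist approach is only as good as the deployment keeping `ALLOWED_HOSTS` and `TRUSTED_PROXIES` accurate; where the public hostname is fixed, the configured base URL is the simpler and safer choice because it reads nothing from the request at all.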