View Issue Details

IDProjectCategoryView StatusLast Update
0026434mantisbtsecuritypublic2019-12-13 16:23
Reporterjingshaochen Assigned To 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
Product Version2.22.1 
Summary0026434: Use of _SERVER['HTTP_HOST'], _SERVER['SERVER_NAME'], and _SERVER['HTTP_X_FORWARDED_HOST'] should be avoided
Description

HTTP_HOST, HTTP_X_FORWARDED_HOST, and SERVER_NAME can be easily spoofed by inserting a Host header from the client side. Mantis uses that as the server hostname to construct every link. The using of those variables are integrated in $g_path in the config_defaults_inc.php file.

Details on the vulnerability can be found here: http://www.skeletonscribe.net/2013/05/practical-http-host-header-attacks.html

TagsNo tags attached.

Activities

jingshaochen

jingshaochen

2019-12-13 15:36

reporter   ~0063278

Any update?

Issue History

Date Modified Username Field Change
2019-12-05 14:14 jingshaochen New Issue
2019-12-13 15:36 jingshaochen Note Added: 0063278