Re: Bug#595510: mantis: CVE-2010-2574 xss vulnerability
Hi.
Le samedi 04 septembre 2010 à 16:31 -0400, Michael Gilbert a écrit :
> On Sat, 04 Sep 2010 20:53:33 +0200 sils wrote:
>
> > version 595510 1.2.x
> > forwarded 595510 http://www.mantisbt.org/bugs/view.php?id=12312
> > thanks
>
> according to that bug report the issue is actually in nusoap. i see
> that mantis already depends on that. if you are completely sure that
> mantis doesn't use its embedded version, we should reassign the bug.
>
Repeating myself from :
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595510#26 in case you'd
have missed it :
The description of CVE-2010-2574 :
"Cross-site scripting (XSS) vulnerability in
manage_proj_cat_add.php in MantisBT 1.2.2 allows remote
authenticated administrators to inject arbitrary web script or
HTML via the name parameter in an Add Category action."
mentions things I doubt are related to nusoap and mantis SOAP interface.
I've already removed the forwarded property for #595510, as a
consequence. Other links may need to be adjusted in case (security
tracker ?).
I think that's here a completely distinct XSS issue relating to pure
Mantis code, but couldn't find more details so far in upstream tracker
(at mantisbt.org).
Hope this helps.
Best regards,
--
Olivier BERGER <olivier.berger@it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8
Ingénieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)
Reply to: