
Re: Bug#595510: mantis: CVE-2010-2574 xss vulnerability



Hi.

On Saturday 04 September 2010 at 16:31 -0400, Michael Gilbert wrote:
> On Sat, 04 Sep 2010 20:53:33 +0200 sils wrote:
> 
> > version 595510 1.2.x
> > forwarded 595510 http://www.mantisbt.org/bugs/view.php?id=12312
> > thanks
> 
> according to that bug report the issue is actually in nusoap.  i see
> that mantis already depends on that.  if you are completely sure that
> mantis doesn't use its embedded version, we should reassign the bug.
> 

Repeating myself from
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=595510#26 in case you
missed it:

The description of CVE-2010-2574:
        "Cross-site scripting (XSS) vulnerability in
        manage_proj_cat_add.php in MantisBT 1.2.2 allows remote
        authenticated administrators to inject arbitrary web script or
        HTML via the name parameter in an Add Category action." 
mentions things I doubt are related to nusoap and mantis SOAP interface.

I've already removed the forwarded property for #595510 as a
consequence. Other links may need to be adjusted in case (security
tracker?).

I think this is a completely distinct XSS issue here, relating to pure
Mantis code, but I couldn't find more details so far in the upstream
tracker (at mantisbt.org).

Hope this helps.

Best regards,
-- 
Olivier BERGER <olivier.berger@it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 2048R/5819D7E8
Research Engineer - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)

