MantisBT multiple URI Redirection Vulnerability (CVE-2014-6316)
Release date: 2014-3 3
Updated on:
Affected Systems:
MantisBT < 1.2.18
Description:
Bugtraq id: 71478
CVE (CAN) ID: CVE-2014-6316
MantisBT is a Web-based bug Tracking System.
When MantisBT 1.2.0a3 through 1.2.17 is installed at the web root, core/string_api.php does not properly classify the URL supplied in the return parameter of login_page.php. A remote attacker can therefore pass an arbitrary external URL in that parameter and have the login page redirect the user to it, which enables redirection and phishing attacks.
Source: Mathias Karlsson
Test method:
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Use at your own risk!
http://www.example.com/login_page.php?return=http://www.example1.com
Suggestion:
Vendor patch:
MantisBT
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
https://www.mantisbt.org/bugs/view.php?id=17648
https://github.com/mantisbt/mantisbt/commit/e66ecc9f
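As an added illustration (this is not MantisBT's code and not the vendor's patch), a PHP check of the kind a return-URL handler needs: it accepts only a path inside the application itself, so an absolute or protocol-relative URL such as the one in the test method above falls back to a local page. This covers the web-root case, where a path-prefix check alone ("/" matches everything) is not enough. The function name, the fallback page and the constructed inputs are assumptions.

```php
<?php
// Added example, not MantisBT's own code. Validate a post-login "return"
// value so it can only point back into the application.
// $appPath is the application's path prefix ("/" when installed at the web root).

function safe_return_path(string $return, string $appPath = '/'): string {
    $fallback = rtrim($appPath, '/') . '/index.php'; // assumed default landing page
    $parts = parse_url($return);
    if ($parts === false) {
        return $fallback; // unparseable input
    }
    // Any scheme or host means an absolute (off-site) URL: refuse it.
    if (isset($parts['scheme']) || isset($parts['host'])) {
        return $fallback;
    }
    $path = $parts['path'] ?? '';
    // Require a single-slash-rooted path. "//host" is protocol-relative and
    // "/\host" is treated as a network path by browsers, so reject both.
    if ($path === '' || $path[0] !== '/' || preg_match('#^/[/\\\\]#', $path)) {
        return $fallback;
    }
    // Stay inside the application's own prefix. With $appPath = "/" this test
    // passes for everything, which is why the checks above must run first.
    if (strpos($path, rtrim($appPath, '/') . '/') !== 0) {
        return $fallback;
    }
    $result = $path;
    if (isset($parts['query']))    { $result .= '?' . $parts['query']; }
    if (isset($parts['fragment'])) { $result .= '#' . $parts['fragment']; }
    return $result;
}

// Constructed inputs: the advisory's test value plus a few variants.
$cases = [
    'http://www.example1.com' => '/index.php',
    '//www.example1.com'      => '/index.php',
    '/\\www.example1.com'     => '/index.php',
    'javascript:alert(1)'     => '/index.php',
    '/view.php?id=17648'      => '/view.php?id=17648',
];
foreach ($cases as $in => $want) {
    $got = safe_return_path($in, '/');
    printf("%-26s -> %s%s\n", $in, $got, $got === $want ? '' : '  (UNEXPECTED)');
}
```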