Vulnerability Description
An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php opens the SVG document in a browser tab instead of downloading it as a file, causing the JavaScript code to execute.
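The fix for this class of bug is to stop serving browser-renderable attachment types inline. The following is an added illustration of such a download-header policy, written here for this page and not MantisBT's own code; `INLINE_SAFE`, `is_svg`, `has_active_content` and `download_headers` are hypothetical names, and the sample attachments are constructed.

```python
# Added example, not MantisBT code: a header policy that forces SVG (by extension,
# declared type, or sniffed content) to download instead of rendering in a tab.
import re

# Types considered harmless to render inline in a browser tab (hypothetical list).
INLINE_SAFE = {"image/png", "image/jpeg", "image/gif", "text/plain", "application/pdf"}

# Content sniffing: a file renamed to .png but starting with an <svg> root is still SVG.
SVG_ROOT = re.compile(rb"<svg[\s>]", re.IGNORECASE)
# Script blocks, event-handler attributes and javascript: URLs, worth logging on upload.
ACTIVE_CONTENT = re.compile(rb"<script\b|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)


def is_svg(filename: str, declared_type: str, head: bytes) -> bool:
    """True if the attachment is SVG by extension, declared MIME type or leading bytes."""
    mime = declared_type.lower().split(";")[0].strip()
    return (
        filename.lower().endswith((".svg", ".svgz"))
        or mime == "image/svg+xml"
        or SVG_ROOT.search(head) is not None
    )


def has_active_content(head: bytes) -> bool:
    """True if the leading bytes contain script or event handlers (detection signal)."""
    return ACTIVE_CONTENT.search(head) is not None


def download_headers(filename: str, declared_type: str, head: bytes) -> dict:
    """Headers a file_download.php-style endpoint should emit for an attachment."""
    safe_name = re.sub(r"[^\w.\- ]", "_", filename)  # keep the header free of quotes/CRLF
    headers = {"X-Content-Type-Options": "nosniff"}   # browser must not re-sniff the type
    if declared_type in INLINE_SAFE and not is_svg(filename, declared_type, head):
        headers["Content-Type"] = declared_type
        headers["Content-Disposition"] = f'inline; filename="{safe_name}"'
    else:
        # Anything else, SVG included, is a forced download with a non-rendering type.
        headers["Content-Type"] = "application/octet-stream"
        headers["Content-Disposition"] = f'attachment; filename="{safe_name}"'
    return headers


# Constructed samples: a real PNG header, a declared SVG, and an SVG disguised as PNG.
SAMPLES = {
    "shot.png": ("image/png", b"\x89PNG\r\n\x1a\n"),
    "icon.svg": ("image/svg+xml", b'<svg xmlns="http://www.w3.org/2000/svg"><script>/*x*/</script></svg>'),
    "fake.png": ("image/png", b'<svg xmlns="http://www.w3.org/2000/svg" onload="f()"></svg>'),
}

if __name__ == "__main__":
    for name, (mime, head) in SAMPLES.items():
        print(name, download_headers(name, mime, head), "ACTIVE" if has_active_content(head) else "")
```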
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mantisbt | Mantisbt | < 2.25.5 |
Related Weaknesses (CWE)
References
- https://mantisbt.org/blog/archives/mantisbt/719 (Release Notes, Vendor Advisory)
- https://mantisbt.org/bugs/view.php?id=29135 (Exploit, Issue Tracking, Vendor Advisory)
- https://mantisbt.org/bugs/view.php?id=30384 (Exploit, Issue Tracking, Vendor Advisory)
FAQ
What is CVE-2022-33910?
CVE-2022-33910 is a vulnerability with a CVSS score of 5.4 (MEDIUM). An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documents to issue reports or bugnotes. When a user or an admin clicks on the attachment, file_download.php...
How severe is CVE-2022-33910?
CVE-2022-33910 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2022-33910?
Check the references section above for vendor advisories and patch information. Affected products include: Mantisbt Mantisbt.