CVE-2017-7241

A cross-site scripting (XSS) vulnerability in the MantisBT Move Attachments page (move_attachments_page.php, part of admin tools) allows remote attackers to inject arbitrary code through a crafted 'type' parameter, if Content Security Protection (CSP) settings allows it. This is fixed in 1.3.9, 2.1.3, and 2.2.3. Note that this vulnerability is not exploitable if the admin tools directory is removed, as recommended in the "Post-installation and upgrade tasks" of the MantisBT Admin Guide. A reminder to do so is also displayed on the login page.

Published: Mar 31, 2017
Updated: Apr 13, 2023
CVE: CVE-2017-7241
Severity: Low
Exploit:

CVSS v3:

Severity: Low
Score: 4.8
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
mantisbt / mantisbt	2.3.0	2.3.0.x
mantisbt / mantisbt	2.1.0	2.1.0.x
mantisbt / mantisbt	2.0.0-rc1	2.0.0-rc1.x
mantisbt / mantisbt	2.1.2	2.1.2.x
mantisbt / mantisbt	1.3.4	1.3.4.x
mantisbt / mantisbt	2.1.3	2.1.3.x
mantisbt / mantisbt	1.3.0-rc2	1.3.0-rc2.x
mantisbt / mantisbt	2.0.0-beta3	2.0.0-beta3.x
mantisbt / mantisbt	1.3.0-beta1	1.3.0-beta1.x
mantisbt / mantisbt	1.3.0-beta3	1.3.0-beta3.x
mantisbt / mantisbt	1.2.18	1.2.18.x
mantisbt / mantisbt	2.1.1	2.1.1.x
mantisbt / mantisbt	2.2.2	2.2.2.x
mantisbt / mantisbt	2.2.1	2.2.1.x
mantisbt / mantisbt	1.3.0-rc1	1.3.0-rc1.x
mantisbt / mantisbt	1.3.7	1.3.7.x
mantisbt / mantisbt	1.2.19	1.2.19.x
mantisbt / mantisbt	1.3.3	1.3.3.x
mantisbt / mantisbt	2.0.1	2.0.1.x
mantisbt / mantisbt	1.3.8	1.3.8.x
mantisbt / mantisbt	2.0.0-beta2	2.0.0-beta2.x
mantisbt / mantisbt	1.3.9	1.3.9.x
mantisbt / mantisbt	1.2.16	1.2.16.x
mantisbt / mantisbt	1.3.2	1.3.2.x
mantisbt / mantisbt	1.3.5	1.3.5.x
mantisbt / mantisbt	2.0.0-beta1	2.0.0-beta1.x
mantisbt / mantisbt	2.2.3	2.2.3.x
mantisbt / mantisbt	1.2.17	1.2.17.x
mantisbt / mantisbt	2.0.0	2.0.0.x
mantisbt / mantisbt	1.3.6	1.3.6.x
mantisbt / mantisbt	1.2.20	1.2.20.x
mantisbt / mantisbt	2.0.0-rc2	2.0.0-rc2.x
mantisbt / mantisbt	1.3.1	1.3.1.x
mantisbt / mantisbt	2.2.0	2.2.0.x
mantisbt / mantisbt	1.3.0-beta2	1.3.0-beta2.x

Vulnerability Database

289,697

CVE-2017-7241