CVE-2017-12061

MEDIUM

MantisBT <1.3.12, 2.x <2.5.2 - XSS

Title source: llm

Description

An XSS issue was discovered in admin/install.php in MantisBT before 1.3.12 and 2.x before 2.5.2. Some variables under user control in the MantisBT installation script are not properly sanitized before being output, allowing remote attackers to inject arbitrary JavaScript code, as demonstrated by the $f_database, $f_db_username, and $f_admin_username variables. This is mitigated by the fact that the admin/ folder should be deleted after installation, and also prevented by CSP.

References (6)

[Mailing List, Third Party Advisory] http://openwall.com/lists/oss-security/2017/08/01/1

[Mailing List, Third Party Advisory] http://openwall.com/lists/oss-security/2017/08/01/2

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1039030

[Patch, Third Party Advisory] https://github.com/mantisbt/mantisbt/commit/17f9b94f031ba93ae2a727bca0e68458ecd08fb0

[Patch, Third Party Advisory] https://github.com/mantisbt/mantisbt/commit/c73ae3d3d4dd4681489a9e697e8ade785e27cba5

View Patch ZIP pw:eip

[Issue Tracking, Vendor Advisory] https://mantisbt.org/bugs/view.php?id=23146

Scores

CVSS v3 6.1

EPSS 0.0103

EPSS Percentile 77.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-79

Status published

Products (3)

mantisbt/mantisbt < 1.3.12

mantisbt/mantisbt < 1.3.12Packagist

n/a/n/a

Published Aug 01, 2017

Tracked Since Feb 18, 2026