Lucene search

GoogleOSV:CVE-2023-49802

HistoryDec 11, 2023 - 10:15 p.m.

CVE-2023-49802

2023-12-1122:15:06

Google

osv.dev

cve-2023-49802

linkedcustomfields

mantisbt

cross-site scripting

javascript execution

content security policy

software

CVSS3

6.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

23.6%

JSON

The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT’s default Content Security Policy, which blocks script execution.

References

github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286

github.com/mantisbt-plugins/LinkedCustomFields/issues/10

github.com/mantisbt-plugins/LinkedCustomFields/pull/11

github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw

CVSS3

6.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

AI Score

6.1

Confidence

High

EPSS

0.001

Percentile

23.6%

JSON

Related for OSV:CVE-2023-49802