Lucene search

GitHub_MVULNRICHMENT:CVE-2023-49802

HistoryDec 11, 2023 - 9:11 p.m.

CVE-2023-49802 MantisBT LinkedCustomFields Cross-site Scripting vulnerability

2023-12-1121:11:53

CWE-79

GitHub_M

github.com

mantisbt

linkedcustomfields

cross-site scripting

cve-2023-49802

javascript execution

content security policy

CVSS3

6.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

AI Score

6.3

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT’s default Content Security Policy, which blocks script execution.

References

github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286

github.com/mantisbt-plugins/LinkedCustomFields/issues/10

github.com/mantisbt-plugins/LinkedCustomFields/pull/11

github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw

CVSS3

6.7

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

AI Score

6.3

Confidence

High

SSVC

Exploitation

none

Automatable

Technical Impact

total

JSON

Related for VULNRICHMENT:CVE-2023-49802