Required CVE Record Information
Description
The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316.
References 6 Total
- https://www.mantisbt.org/bugs/view.php?id=17997
- securitytracker.com: 1031633 vdb-entry
- openwall.com: [oss-security] 20150110 Re: CVE-2014-6316: URL redirection issue in MantisBT mailing-list
- openwall.com: [oss-security] 20150111 Re: Re: CVE-2014-6316: URL redirection issue in MantisBT mailing-list
- seclists.org: 20150128 CVE-2015-1042 - Mantis BugTracker 1.2.19 - URL Redirection to Untrusted Site ('Open Redirect') mailing-list
- http://packetstormsecurity.com/files/130142/Mantis-BugTracker-1.2.19-Open-Redirect.html
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 6 Total
- https://www.mantisbt.org/bugs/view.php?id=17997 x_transferred
- securitytracker.com: 1031633 vdb-entryx_transferred
- openwall.com: [oss-security] 20150110 Re: CVE-2014-6316: URL redirection issue in MantisBT mailing-listx_transferred
- openwall.com: [oss-security] 20150111 Re: Re: CVE-2014-6316: URL redirection issue in MantisBT mailing-listx_transferred
- seclists.org: 20150128 CVE-2015-1042 - Mantis BugTracker 1.2.19 - URL Redirection to Untrusted Site ('Open Redirect') mailing-listx_transferred
- http://packetstormsecurity.com/files/130142/Mantis-BugTracker-1.2.19-Open-Redirect.html x_transferred