CVE-2017-7620

Source: NVD (nvd.nist.gov)
Published: May 21, 2017
Modified: May 13, 2026

CVSS v3.0

Base score: 6.5 (Medium)
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 2.8 / Impact: 3.6
Source: NVD

Description

MantisBT before 1.3.11, 2.x before 2.3.3, and 2.4.x before 2.4.1 omits a backslash check in string_api.php and consequently has conflicting interpretations of an initial \/ substring as introducing either a local pathname or a remote hostname, which leads to (1) arbitrary Permalink Injection via CSRF attacks on a permalink_page.php?url= URI and (2) an open redirect via a login_page.php?return= URI.
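The root cause above is a parser disagreement: a server-side "is this URL local?" check that only rejects `scheme:` and protocol-relative `//` prefixes treats `\/evil.example/` as a local path, while a browser's WHATWG-style URL parser treats a backslash as a forward slash for http(s) URLs and resolves it to `https://evil.example/`. The following is an added example written for this page, not MantisBT's own string_api.php code; the function names, the `tracker.example` base URL and the shape of the vulnerable check are assumptions made for illustration, modelled on the behaviour the description reports. It shows the naive check beside a hardened one that adds the missing backslash test, and contrasts how a backslash-agnostic server resolver and a browser resolve the same `return=` value.

```python
"""Added example (not MantisBT code): why a leading "\\/" slips past a
check that only rejects "//" and "scheme:", and the hardened check."""
from urllib.parse import urljoin, urlsplit

# Constructed base URL standing in for a MantisBT login_page.php (assumption).
SITE = "https://tracker.example/login_page.php"


def naive_is_local_url(url: str) -> bool:
    """Vulnerable check (assumed shape, modelled on the advisory text).

    Rejects absolute URLs ("https://...", "javascript:...") and
    protocol-relative "//..." but never looks at backslashes, so a value
    such as "\\/evil.example/" is accepted as a local path.
    """
    parts = urlsplit(url)          # urlsplit does not treat "\\" as "/"
    return not (parts.scheme or parts.netloc)


def hardened_is_local_url(url: str) -> bool:
    """Same check plus the missing backslash test.

    Any backslash is rejected outright, because browsers normalise "\\"
    to "/" in http(s) URLs and would turn "\\/host" into "//host".
    """
    if "\\" in url:
        return False
    parts = urlsplit(url)
    return not (parts.scheme or parts.netloc)


def browser_resolve(base: str, ref: str) -> str:
    """Model of a browser (WHATWG URL parser) resolving a relative reference
    against an http(s) base: backslashes are treated as forward slashes."""
    return urljoin(base, ref.replace("\\", "/"))


def server_resolve(base: str, ref: str) -> str:
    """What a server-side resolver that gives "\\" no special meaning
    believes the same reference points to (a path under the site)."""
    return urljoin(base, ref)


def redirect_target(return_param: str, default: str = "/my_view_page.php") -> str:
    """Hardened handling of a ?return= parameter: only a value that passes
    the hardened check is honoured, otherwise a fixed local default is used.
    The default path is a constructed placeholder."""
    return return_param if hardened_is_local_url(return_param) else default


if __name__ == "__main__":
    # Constructed attacker value: a leading backslash-slash, as in the advisory.
    attack = "\\/evil.example/"
    print("naive check accepts  :", naive_is_local_url(attack))
    print("hardened check accepts:", hardened_is_local_url(attack))
    print("server thinks it is   :", server_resolve(SITE, attack))
    print("browser goes to       :", browser_resolve(SITE, attack))
    print("hardened redirect     :", redirect_target(attack))
```

Rejecting every backslash (rather than only a leading one) is the conservative choice: the same `\` to `/` normalisation applies anywhere in the authority-less prefix a browser parses, so a check that anchors on the first character alone leaves room for variants such as `/\evil.example/`.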

Affected (11)

Vendor: Mantisbt
Product: Mantisbt (1 product)
Configuration A: 11 vulnerable version entries

Vulnerable Software | Affected Versions
Mantisbt | Up to 1.3.10
Mantisbt | 2.0.0
Mantisbt | 2.0.1
Mantisbt | 2.1.0
Mantisbt | 2.1.1
Mantisbt | 2.1.2
Mantisbt | 2.2.0
Mantisbt | 2.2.2
Mantisbt | 2.2.3
Mantisbt | 2.2.4
Mantisbt | 2.4.0

References (10)

Source: cve@mitre.org
- Issue Tracking
- Issue Tracking
- Exploit; Third Party Advisory

Source: af854a3a-2127-422b-91ae-364da2661108
- Exploit; Third Party Advisory
- (untagged)
- Issue Tracking
- Issue Tracking
- Exploit; Third Party Advisory
