CVE-2015-1042

The string_sanitize_url function in core/string_api.php in MantisBT 1.2.0a3 through 1.2.18 uses an incorrect regular expression, which allows remote attackers to conduct open redirect and phishing attacks via a URL with a ":/" (colon slash) separator in the return parameter to login_page.php, a different vulnerability than CVE-2014-6316.
Severity
UNKNOWN
AV:N/AC:M/Au:N/C:P/I:P/A:N
Atk. Vector
NETWORK
Atk. Complexity
MEDIUM
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
mantisbtmantisbt
1.2.0
mantisbtmantisbt
1.2.0
mantisbtmantisbt
1.2.0
mantisbtmantisbt
1.2.1
mantisbtmantisbt
1.2.2
mantisbtmantisbt
1.2.3
mantisbtmantisbt
1.2.4
mantisbtmantisbt
1.2.5
mantisbtmantisbt
1.2.6
mantisbtmantisbt
1.2.7
mantisbtmantisbt
1.2.8
mantisbtmantisbt
1.2.9
mantisbtmantisbt
1.2.10
mantisbtmantisbt
1.2.11
mantisbtmantisbt
1.2.12
mantisbtmantisbt
1.2.13
mantisbtmantisbt
1.2.14
mantisbtmantisbt
1.2.15
mantisbtmantisbt
1.2.16
mantisbtmantisbt
1.2.17
mantisbtmantisbt
1.2.18
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mantis
zesty
dne
yakkety
dne
xenial
dne
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
ignored