CWE: 79
EPSS: 0.045%

CVE-2024-34081: MantisBT Cross-site Scripting vulnerability

First published: Mon May 13 2024 (Updated: )

Improper escaping of a custom field's name allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript when:

- resolving or closing issues (bug_change_status_page.php) belonging to a project linking said custom field
- viewing issues (view_all_bug_page.php) when the custom field is displayed as a column
- printing issues (print_all_bug_page.php) when the custom field is displayed as a column

### Impact

Cross-site scripting (XSS).

### Patches

https://github.com/mantisbt/mantisbt/commit/447a521aae0f82f791b8116a14a20e276df739be

### Workarounds

Ensure Custom Field Names do not contain HTML tags.

### References

- https://mantisbt.org/bugs/view.php?id=34432
- This is related to CVE-2020-25830 (same root cause, different affected pages)
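To make the root cause concrete, here is an added PHP illustration (not MantisBT's code; the function names and the custom field name are constructed) of a column header rendered once without escaping, as the advisory describes, and once with output escaping, alongside the check the workaround implies:

```php
<?php
// Added illustration, not MantisBT code. Shows why an unescaped custom field
// name becomes markup in an issue-list column header, and the escaped form.

// Constructed custom field name containing markup (deliberately harmless).
$customFieldName = 'Affected <b>Component</b>';

// Vulnerable pattern: the stored name is concatenated straight into the
// HTML of the table header, so the browser interprets any tags it contains.
function renderHeaderUnescaped(string $name): string {
    return '<th>' . $name . '</th>';
}

// Hardened pattern: escape for the HTML text context at output time.
// ENT_QUOTES also encodes single quotes, so the same helper is safe if the
// value is later placed inside a quoted attribute. A restrictive CSP only
// limits script execution; it does not prevent the HTML injection itself.
function renderHeaderEscaped(string $name): string {
    return '<th>' . htmlspecialchars($name, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</th>';
}

// Mirrors the advisory's workaround: flag custom field names that carry
// HTML tags so they can be reviewed before the patched release is deployed.
function containsHtmlTags(string $name): bool {
    return $name !== strip_tags($name);
}

echo renderHeaderUnescaped($customFieldName), PHP_EOL;
echo renderHeaderEscaped($customFieldName), PHP_EOL;
echo containsHtmlTags($customFieldName) ? 'review this field name' : 'ok', PHP_EOL;
```

The escaped output renders the tags as literal text, while the unescaped output hands them to the browser as markup.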

Credit: security-advisories@github.com

| Affected Software | Affected Version | How to fix |
|---|---|---|
| composer/mantisbt/mantisbt | <2.26.2 | 2.26.2 |
| CentOS Libreport-plugin-mantisbt | <2.26.2 | |


Frequently Asked Questions

  • What is the severity of CVE-2024-34081?

    CVE-2024-34081 has been classified with a high severity due to its potential for arbitrary JavaScript execution.

  • How do I fix CVE-2024-34081?

    To mitigate CVE-2024-34081, upgrade to MantisBT version 2.26.2 or later.

  • What types of attacks are possible with CVE-2024-34081?

    CVE-2024-34081 allows attackers to inject HTML and potentially execute arbitrary JavaScript if CSP settings are permissive.

  • Which versions of MantisBT are affected by CVE-2024-34081?

    CVE-2024-34081 affects all versions of MantisBT prior to 2.26.2.

  • Where does CVE-2024-34081 occur in MantisBT?

    CVE-2024-34081 can be exploited while resolving or closing issues and viewing issues that link to a vulnerable custom field.

© 2025 SecAlerts Pty Ltd.