OpenCVE

The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT's default Content Security Policy, which blocks script execution.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mantisbt	Linked Custom Fields

Configuration 1 [-]

cpe:2.3:a:mantisbt:linked_custom_fields:*:*:*:*:*:mantisbt:*:*

No data.

References

Link	Providers
https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286
https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10
https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11
https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw

History

No history.

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2023-12-11T21:11:53.407Z

Updated: 2024-08-28T15:12:57.432Z

Reserved: 2023-11-30T13:39:50.864Z

Link: CVE-2023-49802

Vulnrichment

Updated: 2024-08-02T22:01:26.034Z

NVD

Status : Modified

Published: 2023-12-11T22:15:06.730

Modified: 2024-11-21T08:33:52.427

Link: CVE-2023-49802

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-49802", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2023-11-30T13:39:50.864Z", "datePublished": "2023-12-11T21:11:53.407Z", "dateUpdated": "2024-08-28T15:12:57.432Z"}, "containers": {"cna": {"title": "MantisBT LinkedCustomFields Cross-site Scripting vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}}], "references": [{"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "tags": ["x_refsource_MISC"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "tags": ["x_refsource_MISC"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "tags": ["x_refsource_MISC"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286"}], "affected": [{"vendor": "mantisbt-plugins", "product": "LinkedCustomFields", "versions": [{"version": "< 2.0.1", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-11T21:11:53.407Z"}, "descriptions": [{"lang": "en", "value": "The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT's default Content Security Policy, which blocks script execution."}], "source": {"advisory": "GHSA-2f37-9xpx-5hhw", "discovery": "UNKNOWN"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:01:26.034Z"}, "title": "CVE Program Container", "references": [{"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11"}, {"name": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286"}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-28T15:12:18.863462Z", "id": "CVE-2023-49802", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T15:12:57.432Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "tags": ["x_refsource_CONFIRM", "x_transferred"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "tags": ["x_refsource_MISC", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T22:01:26.034Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-49802", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-28T15:12:18.863462Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T15:12:39.542Z"}}], "cna": {"title": "MantisBT LinkedCustomFields Cross-site Scripting vulnerability", "source": {"advisory": "GHSA-2f37-9xpx-5hhw", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "mantisbt-plugins", "product": "LinkedCustomFields", "versions": [{"status": "affected", "version": "< 2.0.1"}]}], "references": [{"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "name": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT's default Content Security Policy, which blocks script execution."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2023-12-11T21:11:53.407Z"}}}, "cveMetadata": {"cveId": "CVE-2023-49802", "state": "PUBLISHED", "dateUpdated": "2024-08-28T15:12:57.432Z", "dateReserved": "2023-11-30T13:39:50.864Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2023-12-11T21:11:53.407Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mantisbt:linked_custom_fields:*:*:*:*:*:mantisbt:*:*", "matchCriteriaId": "0A8DBAA5-48FF-4744-A583-D7CA7A1DAFF1", "versionEndExcluding": "2.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The LinkedCustomFields plugin for MantisBT allows users to link values between two custom fields, creating linked drop-downs. Prior to version 2.0.1, cross-site scripting in the MantisBT LinkedCustomFields plugin allows Javascript execution, when a crafted Custom Field is linked via the plugin and displayed when reporting a new Issue or editing an existing one. This issue is fixed in version 2.0.1. As a workaround, one may utilize MantisBT's default Content Security Policy, which blocks script execution."}, {"lang": "es", "value": "El complemento LinkedCustomFields para MantisBT permite a los usuarios vincular valores entre dos campos personalizados, creando men\u00fas desplegables vinculados. Antes de la versi\u00f3n 2.0.1, cross-site scripting en el complemento MantisBT LinkedCustomFields permit\u00edan la ejecuci\u00f3n de Javascript, cuando un campo personalizado manipulado se vincula a trav\u00e9s del complemento y se muestra al informar un nuevo problema o editar uno existente. Este problema se solucion\u00f3 en la versi\u00f3n 2.0.1. Como workaround, se puede utilizar la Pol\u00edtica de Seguridad de Contenido predeterminada de MantisBT, que bloquea la ejecuci\u00f3n del script."}], "id": "CVE-2023-49802", "lastModified": "2024-11-21T08:33:52.427", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-11T22:15:06.730", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10"}, {"source": "security-advisories@github.com", "tags": ["Issue Tracking"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/commit/30e5ae751e40d7ae18bfd794fd48671477b3d286"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/issues/10"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/pull/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://github.com/mantisbt-plugins/LinkedCustomFields/security/advisories/GHSA-2f37-9xpx-5hhw"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security-advisories@github.com", "type": "Secondary"}]}