CVE-2014-6316 - Vulnerability Details - OpenCVE

core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Mantisbt	Mantisbt

Configuration 1 [-]

cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://seclists.org/oss-sec/2014/q4/931
http://secunia.com/advisories/62101
http://www.debian.org/security/2015/dsa-3120
http://www.openwall.com/lists/oss-security/2014/12/03/11
http://www.securityfocus.com/bid/71478
https://exchange.xforce.ibmcloud.com/vulnerabilities/99128
https://github.com/mantisbt/mantisbt/commit/e66ecc9f
https://www.mantisbt.org/bugs/view.php?id=17648

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-12-12T11:00:00

Updated: 2024-08-06T12:10:13.283Z

Reserved: 2014-09-11T00:00:00

Link: CVE-2014-6316

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2014-12-12T11:59:03.610

Modified: 2025-04-12T10:46:40.837

Link: CVE-2014-6316

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-12-02T00:00:00", "descriptions": [{"lang": "en", "value": "core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.mantisbt.org/bugs/view.php?id=17648"}, {"name": "mantisbt-cve20146316-open-redirect(99128)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"}, {"name": "71478", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/71478"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"}, {"name": "[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q4/931"}, {"name": "[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"}, {"name": "62101", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/62101"}, {"name": "DSA-3120", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3120"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-6316", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.mantisbt.org/bugs/view.php?id=17648", "refsource": "CONFIRM", "url": "https://www.mantisbt.org/bugs/view.php?id=17648"}, {"name": "mantisbt-cve20146316-open-redirect(99128)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"}, {"name": "71478", "refsource": "BID", "url": "http://www.securityfocus.com/bid/71478"}, {"name": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f", "refsource": "CONFIRM", "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"}, {"name": "[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT", "refsource": "MLIST", "url": "http://seclists.org/oss-sec/2014/q4/931"}, {"name": "[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"}, {"name": "62101", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/62101"}, {"name": "DSA-3120", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3120"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T12:10:13.283Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.mantisbt.org/bugs/view.php?id=17648"}, {"name": "mantisbt-cve20146316-open-redirect(99128)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"}, {"name": "71478", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/71478"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"}, {"name": "[oss-security] 20141205 RE: CVE-2014-6316: URL redirection issue in MantisBT", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q4/931"}, {"name": "[oss-security] 20141202 CVE-2014-6316: URL redirection issue in MantisBT", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"}, {"name": "62101", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/62101"}, {"name": "DSA-3120", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3120"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-6316", "datePublished": "2014-12-12T11:00:00", "dateReserved": "2014-09-11T00:00:00", "dateUpdated": "2024-08-06T12:10:13.283Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*", "matchCriteriaId": "5761D76C-7109-4E94-AEC3-3A6419429A91", "versionEndIncluding": "1.2.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "core/string_api.php in MantisBT before 1.2.18 does not properly categorize URLs when running under the web root, which allows remote attackers to conduct open redirect and phishing attacks via a crafted URL in the return parameter to login_page.php."}, {"lang": "es", "value": "core/string_api.php en MantisBT anterior a 1.2.18 no categoriza correctamente las URLs cuando funciona bajo el root web, lo que permite a atacantes remotos realizar ataques de redirecci\u00f3n abierta y phishing a trav\u00e9s de una URL manipulada en el par\u00e1metro return en login_page.php."}], "id": "CVE-2014-6316", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-12-12T11:59:03.610", "references": [{"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://seclists.org/oss-sec/2014/q4/931"}, {"source": "cve@mitre.org", "url": "http://secunia.com/advisories/62101"}, {"source": "cve@mitre.org", "url": "http://www.debian.org/security/2015/dsa-3120"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/71478"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"}, {"source": "cve@mitre.org", "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.mantisbt.org/bugs/view.php?id=17648"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://seclists.org/oss-sec/2014/q4/931"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/62101"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2015/dsa-3120"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2014/12/03/11"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/71478"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/99128"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://github.com/mantisbt/mantisbt/commit/e66ecc9f"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.mantisbt.org/bugs/view.php?id=17648"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}