0009187: Authenticating at the Kali MantisBT instance's login page displays a security error.

ID	Project	Category	View Status	Date Submitted	Last Update

0009187	Kali Linux	Kali Websites & Docs	public	2025-05-19 09:30	2025-05-19 09:30

Reporter	RokeJulianLockhart	Assigned To
Priority	normal	Severity	minor	Reproducibility	have not tried
Status	new	Resolution	open

Summary	0009187: Authenticating at the Kali MantisBT instance's login page displays a security error.
Description	At https://bugs.kali.org/login_page.php#login-box:~:text=Warning:%20%22path%22%20was%20not%20defined%20in%20config_inc.php.%20Leaving%20it%20empty%20is%20a%20security%20risk%2C%20as%20the%20path%20will%20be%20set%20based%20on%20headers%20from%20the%20HTTP%20request%2C%20exposing%20your%20system%20to%20Host%20Header%20Injection%20attacks, I see: Warning: "path" was not defined in config_inc.php. Leaving it empty is a security risk, as the path will be set based on headers from the HTTP request, exposing your system to Host Header Injection attacks.
Attached Files	Screenshot 2025-05-19 at 10-27-30 Kali Linux Bug Tracker.png (25,967 bytes) Screenshot 2025-05-19 at 10-27-30 Kali Linux Bug Tracker.png (25,967 bytes)

Date Modified	Username	Field	Change
2025-05-19 09:30	RokeJulianLockhart	New Issue
2025-05-19 09:30	RokeJulianLockhart	File Added: Screenshot 2025-05-19 at 10-27-30 Kali Linux Bug Tracker.png