CVE-2003-0602

Опубликовано: 27 авг. 2003

Источник: nvd

CVSS2: 6.8

EPSS Низкий

Описание

Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs.

Ссылки

http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000653
http://www.bugzilla.org/security/2.16.2/
http://www.securityfocus.com/bid/6861
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6868
Patch
Vendor Advisory
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000653
http://www.bugzilla.org/security/2.16.2/
http://www.securityfocus.com/bid/6861
Patch
Vendor Advisory
http://www.securityfocus.com/bid/6868
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:bugzilla:2.17:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:bugzilla:2.17.1:*:*:*:*:*:*:*

cpe:2.3:a:mozilla:bugzilla:2.17.3:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01009

Низкий

6.8 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

CVE-2003-0602

debian

больше 22 лет назад

Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x ...

GHSA-353j-5q9x-xhrh

github

почти 4 года назад