Описание
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.20-1 |
| devel | released | 2.20-1 |
| edgy | released | 2.20-1 |
| feisty | released | 2.20-1 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
7.5 High
CVSS2
Связанные уязвимости
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before ...
SQL injection vulnerability in editusers.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allows remote attackers with privileges to grant membership to any group to execute arbitrary SQL.
7.5 High
CVSS2