Описание
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [uses libjs-yui]] |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | ignored | end of standard support, was needs-triage |
| cosmic | ignored | end of life |
| dapper | DNE | |
| devel | needs-triage | |
| disco | ignored | end of life |
| eoan | ignored | end of life |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| esm-apps/jammy | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | uses libjs-yui |
| bionic | not-affected | uses libjs-yui |
| cosmic | not-affected | uses libjs-yui |
| dapper | ignored | end of life |
| devel | DNE | |
| disco | not-affected | uses libjs-yui |
| eoan | not-affected | uses libjs-yui |
| esm-apps/bionic | not-affected | uses libjs-yui |
| esm-apps/xenial | not-affected | uses libjs-yui |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [uses libjs-yui]] |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | uses libjs-yui |
| bionic | not-affected | uses libjs-yui |
| cosmic | not-affected | uses libjs-yui |
| dapper | DNE | |
| devel | DNE | |
| disco | not-affected | uses libjs-yui |
| eoan | not-affected | uses libjs-yui |
| esm-apps/bionic | not-affected | uses libjs-yui |
| esm-apps/focal | not-affected | uses libjs-yui |
| esm-apps/jammy | not-affected | uses libjs-yui |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | needs-triage | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-apps/xenial | not-affected | 2.8.2r1~squeeze-1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.8.2r1~squeeze-1]] |
| esm-infra/focal | DNE |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
Cross-site scripting (XSS) vulnerability in the Flash component infras ...
Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bugzilla 3.7.1 through 3.7.3 and 4.1, allows remote attackers to inject arbitrary web script or HTML via vectors related to swfstore/swfstore.swf.
EPSS
4.3 Medium
CVSS2