Описание
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | not-affected | 3.7.x and higher |
| devel | not-affected | 3.7.x and higher |
| hardy | not-affected | 3.7.x and higher |
| karmic | not-affected | 3.7.x and higher |
| lucid | not-affected | 3.7.x and higher |
| maverick | not-affected | 3.7.x and higher |
| upstream | released | 4.0rc2 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
Cross-site scripting (XSS) vulnerability in the duplicate-detection fu ...
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
EPSS
4.3 Medium
CVSS2