Bugzilla 2.14 prior to 2.14.2, and 2.16 prior to 2.16rc2, may allow remote malicious users to cause a denial of service or execute certain queries via a SQL injection attack on the sort order parameter to buglist.cgi.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.14 |
||
mozilla bugzilla 2.16 |
||
mozilla bugzilla 2.14.1 |