Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla 2.17.1 up to and including 2.20.4, 2.22.x prior to 2.22.3, and 3.x prior to 3.0.1 allows remote malicious users to inject arbitrary web script or HTML via the buildid field in the "guided form."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.18 |
||
mozilla bugzilla 2.18.1 |
||
mozilla bugzilla 2.19 |
||
mozilla bugzilla 2.20.3 |
||
mozilla bugzilla 2.20 |
||
mozilla bugzilla 2.17.6 |
||
mozilla bugzilla 2.17.1 |
||
mozilla bugzilla 2.17.3 |
||
mozilla bugzilla 2.18.2 |
||
mozilla bugzilla 2.18.3 |
||
mozilla bugzilla 2.19.1 |
||
mozilla bugzilla 2.19.2 |
||
mozilla bugzilla 2.22 |
||
mozilla bugzilla 2.22.1 |
||
mozilla bugzilla 2.17.7 |
||
mozilla bugzilla 2.20.1 |
||
mozilla bugzilla 2.20.2 |
||
mozilla bugzilla 3.0.0 |
||
mozilla bugzilla 2.17.4 |
||
mozilla bugzilla 2.17.5 |
||
mozilla bugzilla 2.18.4 |
||
mozilla bugzilla 2.18.5 |
||
mozilla bugzilla 2.19.3 |
||
mozilla bugzilla 2.22.2 |