Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x prior to 4.2.4, and 4.3.x and 4.4.x prior to 4.4rc1, allows remote malicious users to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 4.1.2 |
||
mozilla bugzilla 4.1.3 |
||
mozilla bugzilla 4.1 |
||
mozilla bugzilla 4.1.1 |
||
mozilla bugzilla 4.2 |
||
mozilla bugzilla 4.2.1 |
||
mozilla bugzilla 4.2.2 |
||
mozilla bugzilla 4.2.3 |
||
mozilla bugzilla 4.3 |
||
mozilla bugzilla 4.3.1 |
||
mozilla bugzilla 4.3.2 |
||
mozilla bugzilla 4.3.3 |