Search Results (Refine Search)
- CPE Product Version: cpe:/a:mozilla:bugzilla:2.16.11
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-5455 |
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL. Published: October 23, 2006; 1:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |
CVE-2004-1061 |
Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. Published: January 04, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2002-2260 |
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page. Published: December 31, 2002; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 4.3 MEDIUM |