← volver
CVE-2004-1061

CVE-2004-1061

EPSS 1.0%
Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://distro.conectiva.com.br/atualizacoes/index.php?id=a&anuncio=001040http://lists.grok.org.uk/pipermail/full-disclosure/2004-December/030222.htmlhttps://bugzilla.mozilla.org/show_bug.cgi?id=272620https://exchange.xforce.ibmcloud.com/vulnerabilities/18728http://www.mikx.de/index.php?p=6http://www.securityfocus.com/bid/12154