CVE-2007-4543
CVE-2007-4543
Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x before 2.22.3, and 3.x before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the buildid field in the "guided form."
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://osvdb.org/37201https://bugzilla.mozilla.org/show_bug.cgi?id=386942http://secunia.com/advisories/26584http://secunia.com/advisories/26971http://security.gentoo.org/glsa/glsa-200709-18.xmlhttps://exchange.xforce.ibmcloud.com/vulnerabilities/36241http://www.bugzilla.org/security/2.20.4/http://www.securityfocus.com/archive/1/477630/100/0/threadedhttp://www.securityfocus.com/bid/25425http://www.securitytracker.com/id?1018604http://www.vupen.com/english/advisories/2007/2977