CVE-2012-4189 in Bugzillainformation

Résumé (Anglaise)

Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Réserver

08/08/2012

Divulgation

16/11/2012

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
6945	Bugzilla report-table.html.tmpl cross site scripting	79	Élevé	Correctif officiel	CVE-2012-4189

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Do you know our Splunk app?

Download it now for free!