CVE-2012-4189 in Bugzilla
Sumário (Inglês)
Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Reservar
08/08/2012
Divulgação
16/11/2012
Estado
Confirmado
Inscrições
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidade | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 6945 | Bugzilla report-table.html.tmpl Script de Site Cruzado | 79 | Alto | Correção oficial | CVE-2012-4189 |
Descrição
CPE
CWE
CVSS
Explorações
História
Diferença
Relacionar
Inteligência de ameaças
API JSON
API XML
API CSV