CVE-2016-2803 in Bugzilla
Сводка
по MITRE
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.