bugzilla: cross-site scripting

2016-05-19T00:00:00
ID ASA-201605-25
Type archlinux
Reporter Arch Linux
Modified 2016-05-19T00:00:00

Description

An attacker can craft a malicious summary within a bug report to host malicious javascript code. This code will be served to a user when he or she navigates to the bug's dependency graph.