Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2006-5453
HistoryOct 23, 2006 - 5:07 p.m.

CVE-2006-5453

2006-10-2317:07:00
[email protected]
web.nvd.nist.gov
9

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.

Affected configurations

Nvd
Node
mozillabugzillaMatch2.18
OR
mozillabugzillaMatch2.18rc1
OR
mozillabugzillaMatch2.18rc2
OR
mozillabugzillaMatch2.18rc3
OR
mozillabugzillaMatch2.18.1
OR
mozillabugzillaMatch2.18.2
OR
mozillabugzillaMatch2.18.3
OR
mozillabugzillaMatch2.18.4
OR
mozillabugzillaMatch2.18.5
OR
mozillabugzillaMatch2.20
OR
mozillabugzillaMatch2.20rc1
OR
mozillabugzillaMatch2.20rc2
OR
mozillabugzillaMatch2.20.1
OR
mozillabugzillaMatch2.20.2
OR
mozillabugzillaMatch2.22
OR
mozillabugzillaMatch2.23
OR
mozillabugzillaMatch2.23.1
OR
mozillabugzillaMatch2.23.2
VendorProductVersionCPE
mozillabugzilla2.18cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*
mozillabugzilla2.18cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*
mozillabugzilla2.18cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*
mozillabugzilla2.18cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*
mozillabugzilla2.18.1cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*
mozillabugzilla2.18.2cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*
mozillabugzilla2.18.3cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*
mozillabugzilla2.18.4cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*
mozillabugzilla2.18.5cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*
mozillabugzilla2.20cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*
Rows per page:
1-10 of 181

Related

ubuntucve 1
cve 1
cvelist 1
nessus 3
openvas 6
debian 1
osv 1
gentoo 1
freebsd 1
ubuntucve
ubuntucve
CVE-2006-5453
2006-10-23 00:00:00
cve
cve
CVE-2006-5453
2006-10-23 17:07:00
cvelist
cvelist
CVE-2006-5453
2006-10-23 17:00:00
nessus
nessus
Debian DSA-1208-1 : bugzilla - several vulnerabilities
2006-11-20 00:00:00
FreeBSD : bugzilla -- multiple vulnerabilities (6d68618a-7199-11db-a2ad-000c6ec775d9)
2006-11-20 00:00:00
GLSA-200611-04 : Bugzilla: Multiple Vulnerabilities
2006-11-20 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-1208-1)
2008-01-17 00:00:00
Debian Security Advisory DSA 1208-1 (bugzilla)
2008-01-17 00:00:00
Gentoo Security Advisory GLSA 200611-04 (bugzilla)
2008-09-24 00:00:00
debian
debian
[SECURITY] [DSA 1208-1] New bugzilla packages fix several vulnerabilities
2006-11-11 14:08:27
osv
osv
bugzilla
2006-11-11 00:00:00
gentoo
gentoo
Bugzilla: Multiple Vulnerabilities
2006-11-09 00:00:00
freebsd
freebsd
bugzilla -- multiple vulnerabilities
2006-10-15 00:00:00

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

AI Score

5.3

Confidence

High

EPSS

0.001

Percentile

47.7%

JSON
Related for NVD:CVE-2006-5453
ubuntucve1cve1cvelist1nessus3openvas6debian1osv1gentoo1freebsd1