2 matches found
Fedora 17 : bugzilla-4.0.10-1.fc17 (2013-2845)
This update fixes security issues that have been discovered in Bugzilla : - When viewing a bug report, a bug ID containing random code is not correctly sanitized in the HTML page if the specified page format is invalid. This can lead to XSS. - When running a query in debug mode, it is possible to...
bugzilla -- multiple vulnerabilities
A Bugzilla Security Advisory reports: Cross-Site Scripting When viewing a single bug report, which is the default, the bug ID is validated and rejected if it is invalid. But when viewing several bug reports at once, which is specified by the format=multiple parameter, invalid bug IDs can go throu...