Gentoo Security Advisory GLSA 201110-03 (bugzilla)

The remote host is missing updates announced in advisory GLSA 201110-03. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

DSA-2322-1 bugzilla - several

Bulletin has no description...

Fedora 13 : bugzilla-3.4.10-1.fc13 (2011-0755)

Some serious security issues were discovered in Bugzilla and have been fixed in 3.4.10 and 3.6.4. See http://www.bugzilla.org/security/3.2.9/ for details. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...

CVE-2011-0048

CVE-2011-0048 affects Bugzilla: the URL field (bug_file_loc) can contain javascript: or data: URIs. The issue allows cross-site scripting against logged-out users when the URI is crafted in certain Bugzilla versions (3.2.x up to 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, 4.0.x before 4.0rc2...