Fedora Update for bugzilla FEDORA-2013-19458

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for bugzilla FEDORA-2013-19480

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-1743

Multiple cross-site scripting XSS vulnerabilities in report.cgi in Bugzilla 4.1.x and 4.2.x before 4.2.7 and 4.3.x and 4.4.x before 4.4.1 allow remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as...

CVE-2013-1743

CVE-2013-1743 is a cross-site scripting (XSS) vulnerability in Bugzilla’s report.cgi used to build tabular reports. It allows remote attackers to inject arbitrary script/HTML via a field value (e.g., the sum mary or real name) during report construction, due to an incomplete fix for CVE-2012-4189...

Bugzilla 4.2 - Tabular Reports Cross-Site Scripting

source: https://www.securityfocus.com/bid/63205/info Bugzilla is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. Attackers can exploit this issue to steal cookie-based authentication information, execute arbitrary client-side scripts in...

CVE-2012-4189

CVE-2012-4189 is a cross-site scripting (XSS) vulnerability in Bugzilla where an attacker can inject arbitrary script/HTML via a field value (notably the Version field) when constructing a tabular report. Affected are Bugzilla 4.1.x and 4.2.x before 4.2.4; and 4.3.x and 4.4.x before 4.4rc1. The u...