Bugzilla@2.23.1 Security Vulnerabilities and Issues — Bugzilla@2.23.1 CVE List

Lucene search

MozillaBugzilla2.23.1

3 matches found

CVE•added 2006/10/23 5:7 p.m.•59 views

CVE-2006-5453

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header...

3.5CVSS5.2AI score0.00828EPSS

CVE•added 2006/10/23 5:7 p.m.•40 views

CVE-2006-5455

Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.

2.6CVSS6.7AI score0.00914EPSS

CVE•added 2006/10/23 5:7 p.m.•38 views

CVE-2006-5454

Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the b...

5CVSS6.5AI score0.01146EPSS