Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0705

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2004-0705
Last Modified 05 Sep 2008 04:39:10
Published 27 Jul 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-0705

Summary

Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (3) editmilestones.cgi, (4) editproducts.cgi, (5) editusers.cgi, and (6) editversions.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allow remote attackers to execute arbitrary JavaScript as other users via a URL parameter.

Vulnerable Systems


References

BID - 10698

XF - bugzilla-edit-xss(16670)

BUGTRAQ - 20040710 [BUGZILLA] Multiple vulnerabilities in Bugzilla 2.16.5 and 2.17.7

CONFIRM - http://bugzilla.mozilla.org/show_bug.cgi?id=235265


Last Updated: 27 May 2016 10:38:43