Lucene search

MitreCVE-2002-2260

HistoryOct 18, 2007 - 10:00 a.m.

CVE-2002-2260

2007-10-1810:00:00

CWE-79

mitre

web.nvd.nist.gov

cve-2002-2260

cross-site scripting

xss

mozilla bugzilla

security vulnerability

nvd

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON

Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the “show all quips” page.

Affected configurations

Nvd

Node

mozillabugzillaMatch2.10

mozillabugzillaMatch2.12

mozillabugzillaMatch2.14

mozillabugzillaMatch2.14.1

mozillabugzillaMatch2.14.2

mozillabugzillaMatch2.14.3

mozillabugzillaMatch2.14.4

mozillabugzillaMatch2.14.5

mozillabugzillaMatch2.16

mozillabugzillaMatch2.16rc1

mozillabugzillaMatch2.16.1

mozillabugzillaMatch2.16.2

mozillabugzillaMatch2.16.3

mozillabugzillaMatch2.16.4

mozillabugzillaMatch2.16.5

mozillabugzillaMatch2.16.6

mozillabugzillaMatch2.16.7

mozillabugzillaMatch2.16.8

mozillabugzillaMatch2.16.9

mozillabugzillaMatch2.16.10

mozillabugzillaMatch2.16.11

mozillabugzillaMatch2.17

mozillabugzillaMatch2.17.1

mozillabugzillaMatch2.17.3

mozillabugzillaMatch2.17.4

mozillabugzillaMatch2.17.5

mozillabugzillaMatch2.17.6

mozillabugzillaMatch2.17.7

VendorProductVersionCPE
mozillabugzilla2.10cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
mozillabugzilla2.12cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
mozillabugzilla2.14cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
mozillabugzilla2.14.1cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
mozillabugzilla2.14.2cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
mozillabugzilla2.14.3cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
mozillabugzilla2.14.4cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
mozillabugzilla2.14.5cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*
mozillabugzilla2.16cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
mozillabugzilla2.16cpe:2.3:a:mozilla:bugzilla:2.16:rc1:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	bugzilla	2.10	cpe:2.3:a:mozilla:bugzilla:2.10:::::::*
mozilla	bugzilla	2.12	cpe:2.3:a:mozilla:bugzilla:2.12:::::::*
mozilla	bugzilla	2.14	cpe:2.3:a:mozilla:bugzilla:2.14:::::::*
mozilla	bugzilla	2.14.1	cpe:2.3:a:mozilla:bugzilla:2.14.1:::::::*
mozilla	bugzilla	2.14.2	cpe:2.3:a:mozilla:bugzilla:2.14.2:::::::*
mozilla	bugzilla	2.14.3	cpe:2.3:a:mozilla:bugzilla:2.14.3:::::::*
mozilla	bugzilla	2.14.4	cpe:2.3:a:mozilla:bugzilla:2.14.4:::::::*
mozilla	bugzilla	2.14.5	cpe:2.3:a:mozilla:bugzilla:2.14.5:::::::*
mozilla	bugzilla	2.16	cpe:2.3:a:mozilla:bugzilla:2.16:::::::*
mozilla	bugzilla	2.16	cpe:2.3:a:mozilla:bugzilla:2.16:rc1::::::

Rows per page:

1-10 of 281

References

bugzilla.mozilla.org/show_bug.cgi?id=179329

marc.info/?l=bugtraq&m=103837886416560&w=2

www.debian.org/security/2002/dsa-218

www.securityfocus.com/bid/6257

exchange.xforce.ibmcloud.com/vulnerabilities/10707

CVSS2

4.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

AI Score

5.6

Confidence

High

EPSS

0.006

Percentile

78.6%

JSON

Related for CVE-2002-2260