Lucene search
Ubuntu.comUB:CVE-2011-0048HistoryJan 28, 2011 - 12:00 a.m.
CVE-2011-0048
2011-01-2800:00:00
ubuntu.com
ubuntu.com
11
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.2%
Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x
before 4.0rc2 creates a clickable link for a (1) javascript: or (2) data:
URI in the URL (aka bug_file_loc) field, which allows remote attackers to
conduct cross-site scripting (XSS) attacks against logged-out users via a
crafted URI.
Related
cvelist
cvelist
CVE-2011-0048
2011-01-28 15:00:00
nvd
nvd
CVE-2011-0048
2011-01-28 16:00:03
cve
cve
CVE-2011-0048
2011-01-28 16:00:03
prion
prion
Cross site scripting
2011-01-28 16:00:00
openvas
openvas
Bugzilla Multiple Vulnerabilities
2011-01-26 00:00:00
Bugzilla Multiple Vulnerabilities
2011-01-26 00:00:00
Fedora Update for bugzilla FEDORA-2011-0741
2011-02-04 00:00:00
nessus
nessus
Fedora 13 : bugzilla-3.4.10-1.fc13 (2011-0755)
2011-02-03 00:00:00
Fedora 14 : bugzilla-3.6.4-1.fc14 (2011-0741)
2011-02-03 00:00:00
Debian DSA-2322-1 : bugzilla - several vulnerabilities
2011-10-11 00:00:00
debian
debian
[SECURITY] [DSA 2322-1] bugzilla security update
2011-10-10 16:12:14
osv
osv
bugzilla - several
2011-10-10 00:00:00
gentoo
gentoo
Bugzilla: Multiple vulnerabilities
2011-10-10 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
72.2%
Related for UB:CVE-2011-0048