Max CVSS 4.3 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-2103 4.3
Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list.
08-08-2017 - 01:30 07-05-2008 - 20:20
CVE-2008-2105 3.5
email_in.pl in Bugzilla 2.23.4, 3.0.x before 3.0.4, and 3.1.x before 3.1.4 allows remote authenticated users to more easily spoof the changer of a bug via a @reporter command in the body of an e-mail message, which overrides the e-mail address as nor
08-08-2017 - 01:30 07-05-2008 - 20:20
CVE-2008-2104 4.0
The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check.
08-08-2017 - 01:30 07-05-2008 - 20:20
Back to Top Mark selected
Back to Top