CVE-2004-0705

Publication date 27 July 2004

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (3) editmilestones.cgi, (4) editproducts.cgi, (5) editusers.cgi, and (6) editversions.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allow remote attackers to execute arbitrary JavaScript as other users via a URL parameter.

Status

Package Ubuntu Release Status
bugzilla 7.04 feisty
Fixed 2.20-1
6.10 edgy
Fixed 2.20-1
6.06 LTS dapper
Fixed 2.20-1

References

Other references

Access our resources on patching vulnerabilities