CVE-2008-2103
Published: 7 May 2008
Cross-site scripting (XSS) vulnerability in Bugzilla 2.17.2 and later allows remote attackers to inject arbitrary web script or HTML via the id parameter to the "Format for Printing" view or "Long Format" bug list.
Notes
Author | Note |
---|---|
kees | this should really be for bugzilla3, but it's not in intrepid yet |
Priority
Status
Package | Release | Status |
---|---|---|
bugzilla Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
jaunty |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
karmic |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
lucid |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
maverick |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
natty |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
oneiric |
Not vulnerable
(3.0.4-0ubuntu1)
|
|
upstream |
Released
(3.0.1)
|