CVE-2014-1573
Publication date 13 October 2014
Last updated 24 July 2024
Ubuntu priority
Bugzilla 2.x through 4.0.x before 4.0.15, 4.1.x and 4.2.x before 4.2.11, 4.3.x and 4.4.x before 4.4.6, and 4.5.x before 4.5.6 does not ensure that a scalar context is used for certain CGI parameters, which allows remote attackers to conduct cross-site scripting (XSS) attacks by sending three values for a single parameter name.
Status
Package | Ubuntu Release | Status |
---|---|---|
bugzilla | 14.04 LTS trusty | Not in release |