Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
CVE Kennung: | CVE-2007-4543 |
Beschreibung: | Cross-site scripting (XSS) vulnerability in enter_bug.cgi in Bugzilla 2.17.1 through 2.20.4, 2.22.x before 2.22.3, and 3.x before 3.0.1 allows remote attackers to inject arbitrary web script or HTML via the buildid field in the "guided form." |
Test Kennungen: | Nicht verfügbar |
Querverweise: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-4543 BugTraq ID: 25425 http://www.securityfocus.com/bid/25425 Bugtraq: 20070823 Security Advisory for Bugzilla 3.0, 2.22.1, and 2.20.4 (Google Search) http://www.securityfocus.com/archive/1/477630/100/0/threaded http://security.gentoo.org/glsa/glsa-200709-18.xml https://bugzilla.mozilla.org/show_bug.cgi?id=386942 http://osvdb.org/37201 http://www.securitytracker.com/id?1018604 http://secunia.com/advisories/26584 http://secunia.com/advisories/26971 http://www.vupen.com/english/advisories/2007/2977 XForce ISS Database: bugzilla-buildid-xss(36241) https://exchange.xforce.ibmcloud.com/vulnerabilities/36241 |