3.5

CVE-2006-5453

EPSS 0.81%
Veröffentlicht 23.10.2006 17:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 22

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mozilla ≫ Bugzilla Version2.18

Mozilla ≫ Bugzilla Version2.18 Updaterc1

Mozilla ≫ Bugzilla Version2.18 Updaterc2

Mozilla ≫ Bugzilla Version2.18 Updaterc3

Mozilla ≫ Bugzilla Version2.18.1

Mozilla ≫ Bugzilla Version2.18.2

Mozilla ≫ Bugzilla Version2.18.3

Mozilla ≫ Bugzilla Version2.18.4

Mozilla ≫ Bugzilla Version2.18.5

Mozilla ≫ Bugzilla Version2.20

Mozilla ≫ Bugzilla Version2.20 Updaterc1

Mozilla ≫ Bugzilla Version2.20 Updaterc2

Mozilla ≫ Bugzilla Version2.20.1

Mozilla ≫ Bugzilla Version2.20.2

Mozilla ≫ Bugzilla Version2.22

Mozilla ≫ Bugzilla Version2.23

Mozilla ≫ Bugzilla Version2.23.1

Mozilla ≫ Bugzilla Version2.23.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.81%	0.732

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	3.5	6.8	2.9	AV:N/AC:M/Au:S/C:N/I:P/A:N

http://secunia.com/advisories/22826

http://www.debian.org/security/2006/dsa-1208

http://secunia.com/advisories/22409

http://secunia.com/advisories/22790

http://security.gentoo.org/glsa/glsa-200611-04.xml

http://securityreason.com/securityalert/1760

http://securitytracker.com/id?1017063

Patch

http://www.bugzilla.org/security/2.18.5/

http://www.osvdb.org/29544

http://www.osvdb.org/29545

Patch

http://www.osvdb.org/29549

http://www.securityfocus.com/archive/1/448777/100/100/threaded

http://www.securityfocus.com/bid/20538

http://www.vupen.com/english/advisories/2006/4035

https://bugzilla.mozilla.org/show_bug.cgi?id=206037

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=330555

Patch

https://bugzilla.mozilla.org/show_bug.cgi?id=355728

Patch

https://exchange.xforce.ibmcloud.com/vulnerabilities/29610

https://exchange.xforce.ibmcloud.com/vulnerabilities/29619

https://nvd.nist.gov/vuln/detail/CVE-2006-5453

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5453

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5453

EUVD