Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2006-5453
Modified
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-23 Oct, 2006 | 17:07
Updated At-17 Oct, 2018 | 21:43

Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote authenticated users to inject arbitrary web script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in global/header.html.tmpl, (2) description fields of certain items in various edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.03.5LOW
AV:N/AC:M/Au:S/C:N/I:P/A:N
CPE Matches
Mozilla Corporation
mozilla
>>bugzilla>>2.18
cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18
cpe:2.3:a:mozilla:bugzilla:2.18:rc1:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18
cpe:2.3:a:mozilla:bugzilla:2.18:rc2:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18
cpe:2.3:a:mozilla:bugzilla:2.18:rc3:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.1
cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.2
cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.3
cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.4
cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.5
cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20
cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20
cpe:2.3:a:mozilla:bugzilla:2.20:rc1:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20
cpe:2.3:a:mozilla:bugzilla:2.20:rc2:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.1
cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.2
cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22
cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.23
cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.23.1
cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.23.2
cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

This vulnerability is addressed in the following product releases: Mozilla, Bugzilla, 2.18.6 Mozilla, Bugzilla, 2.20.3 Mozilla, Bugzilla, 2.22.1 Mozilla, Bugzilla, 2.23.3

Vendor Statements
References
HyperlinkSourceResource
http://secunia.com/advisories/22409cve@mitre.org
N/A
http://secunia.com/advisories/22790cve@mitre.org
N/A
http://secunia.com/advisories/22826cve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200611-04.xmlcve@mitre.org
N/A
http://securityreason.com/securityalert/1760cve@mitre.org
N/A
http://securitytracker.com/id?1017063cve@mitre.org
Patch
http://www.bugzilla.org/security/2.18.5/cve@mitre.org
N/A
http://www.debian.org/security/2006/dsa-1208cve@mitre.org
N/A
http://www.osvdb.org/29544cve@mitre.org
N/A
http://www.osvdb.org/29545cve@mitre.org
Patch
http://www.osvdb.org/29549cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/448777/100/100/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/20538cve@mitre.org
N/A
http://www.vupen.com/english/advisories/2006/4035cve@mitre.org
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=206037cve@mitre.org
Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=330555cve@mitre.org
Patch
https://bugzilla.mozilla.org/show_bug.cgi?id=355728cve@mitre.org
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29610cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/29619cve@mitre.org
N/A
Change History
0Changes found
Details not found