Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2015-8508
Deferred
More InfoOfficial Page
Source-security@mozilla.org
View Known Exploited Vulnerability (KEV) details
Published At-03 Jan, 2016 | 05:59
Updated At-12 Apr, 2025 | 10:46

Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.04.7MEDIUM
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
Primary2.02.6LOW
AV:N/AC:H/Au:N/C:N/I:P/A:N
CPE Matches
Mozilla Corporation
mozilla
>>bugzilla>>2.0
cpe:2.3:a:mozilla:bugzilla:2.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.2
cpe:2.3:a:mozilla:bugzilla:2.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.4
cpe:2.3:a:mozilla:bugzilla:2.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.6
cpe:2.3:a:mozilla:bugzilla:2.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.8
cpe:2.3:a:mozilla:bugzilla:2.8:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.10
cpe:2.3:a:mozilla:bugzilla:2.10:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.12
cpe:2.3:a:mozilla:bugzilla:2.12:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14
cpe:2.3:a:mozilla:bugzilla:2.14:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14.1
cpe:2.3:a:mozilla:bugzilla:2.14.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14.2
cpe:2.3:a:mozilla:bugzilla:2.14.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14.3
cpe:2.3:a:mozilla:bugzilla:2.14.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14.4
cpe:2.3:a:mozilla:bugzilla:2.14.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.14.5
cpe:2.3:a:mozilla:bugzilla:2.14.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16
cpe:2.3:a:mozilla:bugzilla:2.16:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.1
cpe:2.3:a:mozilla:bugzilla:2.16.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.2
cpe:2.3:a:mozilla:bugzilla:2.16.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.3
cpe:2.3:a:mozilla:bugzilla:2.16.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.4
cpe:2.3:a:mozilla:bugzilla:2.16.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.5
cpe:2.3:a:mozilla:bugzilla:2.16.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.6
cpe:2.3:a:mozilla:bugzilla:2.16.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.7
cpe:2.3:a:mozilla:bugzilla:2.16.7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.8
cpe:2.3:a:mozilla:bugzilla:2.16.8:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.9
cpe:2.3:a:mozilla:bugzilla:2.16.9:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.10
cpe:2.3:a:mozilla:bugzilla:2.16.10:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.16.11
cpe:2.3:a:mozilla:bugzilla:2.16.11:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18
cpe:2.3:a:mozilla:bugzilla:2.18:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.1
cpe:2.3:a:mozilla:bugzilla:2.18.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.2
cpe:2.3:a:mozilla:bugzilla:2.18.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.3
cpe:2.3:a:mozilla:bugzilla:2.18.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.4
cpe:2.3:a:mozilla:bugzilla:2.18.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.5
cpe:2.3:a:mozilla:bugzilla:2.18.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.18.6
cpe:2.3:a:mozilla:bugzilla:2.18.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20
cpe:2.3:a:mozilla:bugzilla:2.20:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.1
cpe:2.3:a:mozilla:bugzilla:2.20.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.2
cpe:2.3:a:mozilla:bugzilla:2.20.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.3
cpe:2.3:a:mozilla:bugzilla:2.20.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.4
cpe:2.3:a:mozilla:bugzilla:2.20.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.5
cpe:2.3:a:mozilla:bugzilla:2.20.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.6
cpe:2.3:a:mozilla:bugzilla:2.20.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.20.7
cpe:2.3:a:mozilla:bugzilla:2.20.7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22
cpe:2.3:a:mozilla:bugzilla:2.22:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.1
cpe:2.3:a:mozilla:bugzilla:2.22.1:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.2
cpe:2.3:a:mozilla:bugzilla:2.22.2:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.3
cpe:2.3:a:mozilla:bugzilla:2.22.3:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.4
cpe:2.3:a:mozilla:bugzilla:2.22.4:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.5
cpe:2.3:a:mozilla:bugzilla:2.22.5:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.6
cpe:2.3:a:mozilla:bugzilla:2.22.6:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>2.22.7
cpe:2.3:a:mozilla:bugzilla:2.22.7:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>3.0
cpe:2.3:a:mozilla:bugzilla:3.0:*:*:*:*:*:*:*
Mozilla Corporation
mozilla
>>bugzilla>>3.0.1
cpe:2.3:a:mozilla:bugzilla:3.0.1:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-79Primarynvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://packetstormsecurity.com/files/135048/Bugzilla-Cross-Site-Scripting-Information-Leak.htmlsecurity@mozilla.org
N/A
http://seclists.org/bugtraq/2015/Dec/131security@mozilla.org
N/A
http://www.securityfocus.com/bid/79660security@mozilla.org
N/A
http://www.securitytracker.com/id/1034556security@mozilla.org
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1221518security@mozilla.org
Exploit
Vendor Advisory
https://www.bugzilla.org/security/4.2.15/security@mozilla.org
N/A
http://packetstormsecurity.com/files/135048/Bugzilla-Cross-Site-Scripting-Information-Leak.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://seclists.org/bugtraq/2015/Dec/131af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/79660af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securitytracker.com/id/1034556af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.mozilla.org/show_bug.cgi?id=1221518af854a3a-2127-422b-91ae-364da2661108
Exploit
Vendor Advisory
https://www.bugzilla.org/security/4.2.15/af854a3a-2127-422b-91ae-364da2661108
N/A
Change History
0Changes found
Details not found