CVE-2010-4569
published 2011-01-28CVE-2010-4569: Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the…
medium4.3CVSS 3.1
AVNACMAuNCNIPAN
Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the real name field of a user account, related to the AutoComplete widget in YUI.
Affected
18 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| yahoo | yui | <= 2.8.2 | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |
| yahoo | yui | — | — |