Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-07-31T04:00:00

Updated: 2024-08-08T03:03:48.554Z

Reserved: 2002-07-29T00:00:00

Link: CVE-2002-0807

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-08-12T04:00:00.000

Modified: 2024-11-20T23:39:55.010

Link: CVE-2002-0807

cve-icon Redhat

Severity :

Publid Date: 2002-06-08T00:00:00Z

Links: CVE-2002-0807 - Bugzilla