Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3, when debug mode is used, allow remote attackers to inject arbitrary web script or HTML via vectors involving a (1) tabular report, (2) graphical report, or (3) new chart.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-01-02T19:00:00

Updated: 2024-08-06T23:46:01.388Z

Reserved: 2011-09-23T00:00:00

Link: CVE-2011-3657

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-01-02T19:55:01.627

Modified: 2024-11-21T01:30:56.517

Link: CVE-2011-3657

cve-icon Redhat

No data.