Back to search
CVE-2010-4570
Published: Jan 28, 2011
Modified: Aug 7, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field, related to the DataTable widget in YUI.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
45982
vdb-entry
x_refsource_BID
70702
vdb-entry
x_refsource_OSVDB
http://www.bugzilla.org/security/3.2.9/
x_refsource_CONFIRM
bugzilla-summary-xss(65179)
vdb-entry
x_refsource_XF
ADV-2011-0271
vdb-entry
x_refsource_VUPEN
https://bugzilla.mozilla.org/show_bug.cgi?id=619648
x_refsource_CONFIRM
ADV-2011-0207
vdb-entry
x_refsource_VUPEN
http://yuilibrary.com/projects/yui2/ticket/2529228
x_refsource_MISC
http://yuilibrary.com/forum/viewtopic.php?p=12923
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now