CVE-2006-1580 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Bugzero 4.3.1 and other versions allow remote attackers to inject arbitrary web script or HTML via the (1) msg parameter in query.jsp and (2) entryId parameter in edit.jsp.

Reference

http://pridels0.blogspot.com/2006/04/bugzero-xss-vuln.html http://secunia.com/advisories/19492 http://www.osvdb.org/24328 http://www.osvdb.org/24329 http://www.securityfocus.com/bid/17351 http://www.vupen.com/english/advisories/2006/1195 https://exchange.xforce.ibmcloud.com/vulnerabilities/25601