CVE-2010-4570 Information

Feb 14, 2021 cve

Description

Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1 3.7.2 3.7.3 and 4.0rc1 allows remote attackers to inject arbitrary web script or HTML via the summary field related to the DataTable widget in YUI.

Reference

http://osvdb.org/70702 http://www.bugzilla.org/security/3.2.9/ http://www.securityfocus.com/bid/45982 http://www.vupen.com/english/advisories/2011/0207 http://www.vupen.com/english/advisories/2011/0271 http://yuilibrary.com/forum/viewtopic.php?p=12923 http://yuilibrary.com/projects/yui2/ticket/2529228 https://bugzilla.mozilla.org/show_bug.cgi?id=619648 https://exchange.xforce.ibmcloud.com/vulnerabilities/65179

Share on: