Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-8509
Description:Template.pm in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2 does not properly construct CSV files, which allows remote attackers to obtain sensitive information by leveraging a web browser that interprets CSV data as JavaScript code.
Test IDs: None available
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-8509
BugTraq ID: 79662
http://www.securityfocus.com/bid/79662
Bugtraq: 20151222 Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 (Google Search)
http://seclists.org/bugtraq/2015/Dec/131
http://packetstormsecurity.com/files/135048/Bugzilla-Cross-Site-Scripting-Information-Leak.html
http://www.securitytracker.com/id/1034556




© 1998-2024 E-Soft Inc. All rights reserved.