Vulnerability Database

289,871

Total vulnerabilities in the database

CVE-2002-0807

Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.

  • Published: Aug 12, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-0807
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Software From Fixed in
mozilla / bugzilla 2.16-rc1 2.16-rc1.x
mozilla / bugzilla 2.16 2.16.x
mozilla / bugzilla 2.14.1 2.14.1.x
mozilla / bugzilla 2.14 2.14.x