2
Candidate: CVE-2006-5453
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5453
6
Multiple cross-site scripting (XSS) vulnerabilities in Bugzilla 2.18.x
7
before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x
8
before 2.23.3 allow remote authenticated users to inject arbitrary web
9
script or HTML via (1) page headers using the H1, H2, and H3 HTML tags in
10
global/header.html.tmpl, (2) description fields of certain items in various
11
edit cgi scripts, and (3) the id parameter in showdependencygraph.cgi.
15
dapper_bugzilla: ignored (reached end-of-life)
16
edgy_bugzilla: needed (reached end-of-life)
17
feisty_bugzilla: released (2.22.1-2)
18
gutsy_bugzilla: released (2.22.1-2)
19
hardy_bugzilla: released (2.22.1-2)
20
intrepid_bugzilla: released (2.22.1-2)
21
jaunty_bugzilla: released (2.22.1-2)
22
karmic_bugzilla: released (2.22.1-2)
23
devel_bugzilla: released (2.22.1-2)