Vulnerability CVE-2014-1571

Vulnerability CVE-2014-1571

Published: 2014-10-12 Modified: 2014-10-13

Description:

	Topic	Author	Date
Med.	Bugzilla Account Creation / XSS / Information Leak	Multiple	08.10.2014

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4/10	2.9/10	8/10

Affected software
Mozilla -> Bugzilla
Fedoraproject -> Fedora

https://bugzilla.mozilla.org/show_bug.cgi?id=1064140

http://www.securitytracker.com/id/1030978

http://www.mandriva.com/security/advisories?name=MDVSA-2014:200

http://www.bugzilla.org/security/4.0.14/

http://packetstormsecurity.com/files/128578/Bugzilla-Account-Creation-XSS-Information-Leak.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141321.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-October/141309.html

http://lists.fedoraproject.org/pipermail/package-announce/2014-November/142524.html

http://advisories.mageia.org/MGASA-2014-0412.html