Vulnerabilities > Mozilla > Bugzilla > 2.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-29 | CVE-2018-5123 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Bugzilla A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4. | 8.8 |
| 2017-04-12 | CVE-2016-2803 | Cross-site Scripting vulnerability in Mozilla Bugzilla Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML. | 6.1 |