Vulnerabilities > Mozilla > Bugzilla > Medium

DATE CVE VULNERABILITY TITLE RISK
2017-04-12 CVE-2016-2803 Cross-site Scripting vulnerability in Mozilla Bugzilla
Cross-site scripting (XSS) vulnerability in the dependency graphs in Bugzilla 2.16rc1 through 4.4.11, and 4.5.1 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML.
network
low complexity
mozilla CWE-79
6.1
6.1
2016-01-03 CVE-2015-8508 Cross-site Scripting vulnerability in Mozilla Bugzilla
Cross-site scripting (XSS) vulnerability in showdependencygraph.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2.16, 4.3.x and 4.4.x before 4.4.11, and 4.5.x and 5.0.x before 5.0.2, when a local dot configuration is used, allows remote attackers to inject arbitrary web script or HTML via a crafted bug summary.
network
high complexity
mozilla CWE-79
4.7
4.7