Family: CGI abuses --> Category: infos
Bugzilla XSS and insecure temporary filenames Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of bugzilla
Detailed Explanation for this Vulnerability Test
The remote host contains a CGI which is vulnerable to a cross site scripting
and file deletion vulnerability
The remote Bugzilla bug tracking system, according to its version number, is
vulnerable to various flaws that may let a possible hacker perform cross site
scripting attacks or even delete local file files (provided he has an account
on the remote host).
Upgrade to 2.16.3 or 2.17.4
Low / CVSS Base Score : 3
Click HERE for more information and discussions on this network vulnerability scan.