← CVECheck
HomeVulnerabilities

CVE-2002-0807 — HIGH severity vulnerability (Cross-site scripting vulnerabilities in Bugzilla 2.14 before)

Cross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.

CVE IDCVE-2002-0807
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2002-08-12
Last modified2026-04-16
DescriptionCross-site scripting vulnerabilities in Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, could allow remote attackers to execute script as other Bugzilla users via the full name (real name) field, which is not properly quoted by editusers.cgi.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →