Bugzilla show_bug.cgi id Parameter XSS

Medium Nessus Plugin ID 64877

Synopsis

The remote web server contains a CGI application that if affected by a cross-site scripting vulnerability.

Description

The version of Bugzilla installed on the remote host is affected by a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input to the 'id' parameter of the 'show_bug.cgi' script. An attacker may be able to leverage this to inject arbitrary HTML and script code into a user's browser to be executed within the security context of the affected site.

Note that the install is also likely to be affected by an information disclosure vulnerability; however, Nessus has not tested for this.

Solution

Upgrade to Bugzilla 3.6.13 / 4.0.10 / 4.2.5 / 4.4rc2 or later.

See Also

https://bugzilla.mozilla.org/show_bug.cgi?id=842038

http://www.bugzilla.org/security/3.6.12/

Plugin Details

Severity: Medium

ID: 64877

File Name: bugzilla_show_bug_xss.nasl

Version: 1.6

Type: remote

Published: 2013/02/25

Modified: 2018/06/27

Dependencies: 11462

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:mozilla:bugzilla

Required KB Items: installed_sw/Bugzilla

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: false

Exploit Ease: No exploit is required

Patch Publication Date: 2013/02/19

Vulnerability Publication Date: 2013/02/16

Reference Information

CVE: CVE-2013-0785

BID: 58060

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990