CVE-2004-1061 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2004-1061 Interim 1 3 2021-06-09T08:32:08Z current 2021-05-30T12:31:00Z 2021-06-09T08:32:08Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2004-1061 Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings Cross-site scripting (XSS) vulnerability in Bugzilla before 2.18, including 2.16.x before 2.16.11, allows remote attackers to inject arbitrary HTML and web script via forced error messages, as demonstrated using the action parameter. CVE-2004-1061 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N