Bugzilla Multiple Cross Site Scripting and Information Disclosure Vulnerabilities
Bugzilla is prone to the following vulnerabilities:
1. A cross-site scripting vulnerability
2. Multiple information-disclosure vulnerabilities
An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, to steal cookie-based authentication credentials, and to obtain sensitive information.