Status:

Candidate

Description:

Cross-site scripting (XSS) vulnerability in default.asp in FogBugz 4.029, and other versions before 4.0.33, allows remote attackers to inject arbitrary web script or HTML via the dest parameter in the pgLogon page.

Reference:

Phase:

Assigned (20060113)
CVE IDProtocolSoursePortTargetPort

Other Vulnerabilities:

Year CEV (3053)
Common Vulnerabilities
and Exposures
CAN (20174)
Candidate
1999CVE-1999 (821)CAN-1999 (749 )
2000CVE-2000 (808)CAN-2000 (423 )
2001CVE-2001 (625)CAN-2001 (934 )
2002CVE-2002 (643)CAN-2002 (1566)
2003CVE-2003 (81 )CAN-2003 (1236)
2004CVE-2004 (75 )CAN-2004 (2601)
2005-CAN-2005 (4825)
2006-CAN-2006 (6982)
2007-CAN-2007 (858 )