Unrated severityNVD Advisory· Published Jul 27, 2004· Updated Jun 16, 2026
CVE-2004-0705
CVE-2004-0705
Description
Multiple cross-site scripting (XSS) vulnerabilities in (1) editcomponents.cgi, (2) editgroups.cgi, (3) editmilestones.cgi, (4) editproducts.cgi, (5) editusers.cgi, and (6) editversions.cgi in Bugzilla 2.16.x before 2.16.6, and 2.18 before 2.18rc1, allow remote attackers to execute arbitrary JavaScript as other users via a URL parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=2.16,<2.16.6+ 1 more
- (no CPE)range: >=2.16,<2.16.6
- (no CPE)range: 2.16.x before 2.16.6, 2.18 before 2.18rc1
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/10698nvdPatchVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvd
- marc.infonvd
- exchange.xforce.ibmcloud.com/vulnerabilities/16670nvd
News mentions
0No linked articles in our index yet.