CVE-2002-1198

High

7.5/10

Summary

Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published Oct 28, 2002

CVE-2002-1198

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS