Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during account creation, which allows remote attackers to execute arbitrary SQL via a SQL injection attack.
Max CVSS
7.5
EPSS Score
0.19%
Published
2002-10-28
Updated
2016-10-18
1 vulnerabilities found