{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:37:18.456","vulnerabilities":[{"cve":{"id":"CVE-2012-4189","sourceIdentifier":"cve@mitre.org","published":"2012-11-16T12:24:24.087","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Bugzilla 4.1.x and 4.2.x before 4.2.4, and 4.3.x and 4.4.x before 4.4rc1, allows remote attackers to inject arbitrary web script or HTML via a field value that is not properly handled during construction of a tabular report, as demonstrated by the Version field."},{"lang":"es","value":"Una vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en Bugzilla v4.1.x y v4.2.x antes de v4.2.4, v4.3.x y v4.4.x antes y v4.4rc1, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de un valor de campo que no se maneja adecuadamente durante la construcción de un informe tabular, como se demuestra usando el campo 'Version'.\r\n"}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.1:*:*:*:*:*:*:*","matchCriteriaId":"85CDC579-6967-4E5C-B716-B2BC04F6DBF2"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*","matchCriteriaId":"27783033-F558-427C-89A7-C3638C57F2A0"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*","matchCriteriaId":"E91557C7-8C53-49C4-8BC5-7F86D4AA09B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.1.3:*:*:*:*:*:*:*","matchCriteriaId":"50448355-F1D3-48AB-AED0-5FE027D7C199"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2:*:*:*:*:*:*:*","matchCriteriaId":"7CE9B4E3-8044-4305-A517-E695D0831355"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2:rc1:*:*:*:*:*:*","matchCriteriaId":"4BDA28D1-5B26-4FBA-B685-C230569AF024"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2:rc2:*:*:*:*:*:*","matchCriteriaId":"F61B90BF-3548-4D3A-BF70-A9DC96C11775"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2.1:*:*:*:*:*:*:*","matchCriteriaId":"AD204F45-15FE-4677-BC4C-A53F322A3B15"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2.2:*:*:*:*:*:*:*","matchCriteriaId":"22FAFCDF-C615-4958-9C6D-E74EC11E9A62"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.2.3:*:*:*:*:*:*:*","matchCriteriaId":"4D623AEB-622E-470E-898C-A447F9C4066A"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.3:*:*:*:*:*:*:*","matchCriteriaId":"F119CA93-4D32-4852-90AD-A23215D6CBAC"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.3.1:*:*:*:*:*:*:*","matchCriteriaId":"6CA9A1C4-412D-4EED-8259-04F48322238B"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.3.2:*:*:*:*:*:*:*","matchCriteriaId":"27847E43-22AD-468D-8E64-8D56EA8CBE50"},{"vulnerable":true,"criteria":"cpe:2.3:a:mozilla:bugzilla:4.3.3:*:*:*:*:*:*:*","matchCriteriaId":"8DBB66FA-6E99-4F08-A223-6070E193B869"}]}]}],"references":[{"url":"http://www.bugzilla.org/security/3.6.11/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:066","source":"cve@mitre.org"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=790296","source":"cve@mitre.org","tags":["Exploit","Patch"]},{"url":"http://www.bugzilla.org/security/3.6.11/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"http://www.mandriva.com/security/advisories?name=MDVSA-2013:066","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.mozilla.org/show_bug.cgi?id=790296","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch"]}]}}]}