Lbutler

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 2.17.2 and later **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `id` parameter to the "Format for Printing" view or "Long Format" bug list. **Recommendations** For Bugzilla versions 2.17.2 and later, avoid using the `id` parameter in the affected views until a fix is available. As a temporary workaround, consider restricting access to the "Format for Printing" view and "Long Format" bug list to minimize the risk of exploitation.