Mozilla11

**Name of the Vulnerable Software and Affected Versions** Bugzilla versions prior to 3.2.10 Bugzilla versions 3.4.x prior to 3.4.10 Bugzilla versions 3.6.x prior to 3.6.4 Bugzilla versions 4.0.x prior to 4.0rc2 **Description** The issue allows remote attackers to conduct cross-site scripting (XSS) attacks via the URL field. This is due to improper handling of whitespace preceding a `javascript:` or `data:` URI. **Recommendations** For versions prior to 3.2.10, update to version 3.2.10 or later. For versions 3.4.x prior to 3.4.10, update to version 3.4.10 or later. For versions 3.6.x prior to 3.6.4, update to version 3.6.4 or later. For versions 4.0.x prior to 4.0rc2, update to version 4.0rc2 or later.