Reference: CONFIRM: http://www.bugzilla.org/security/2.22.6/
Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and
3.3 before 3.3.2 allows remote authenticated users to conduct
cross-site scripting (XSS) and related attacks by uploading HTML and
bugzilla-3.2.2-2.fc9 has been submitted as an update for Fedora 9.
bugzilla-3.2.2-2.fc10 has been submitted as an update for Fedora 10.
bugzilla-3.2.2-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.
bugzilla-3.2.2-2.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.