(CVE-2013-0785) [SECURITY] XSS in show_bug.cgi when using an invalid page format