Bugzilla prior to 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.10 |
||
mozilla bugzilla 2.12 |
||
mozilla bugzilla 2.14 |
||
mozilla bugzilla 2.4 |
||
mozilla bugzilla 2.6 |
||
mozilla bugzilla 2.8 |