Bugzilla 2.19.3 up to and including 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 2.21.1 |
||
mozilla bugzilla 2.21.2 |
||
mozilla bugzilla 2.20 |
||
mozilla bugzilla 2.21 |
||
mozilla bugzilla 2.19.3 |