Bugzilla 3.3.1 up to and including 3.4.4, 3.5.1, and 3.5.2 does not allow group restrictions to be preserved throughout the process of moving a bug to a different product category, which allows remote malicious users to obtain sensitive information via a request for a bug in opportunistic circumstances.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 3.4.2 |
||
mozilla bugzilla 3.4.4 |
||
mozilla bugzilla 3.3.2 |
||
mozilla bugzilla 3.3.3 |
||
mozilla bugzilla 3.3.4 |
||
mozilla bugzilla 3.4 |
||
mozilla bugzilla 3.4.1 |
||
mozilla bugzilla 3.3.1 |
||
mozilla bugzilla 3.5.1 |
||
mozilla bugzilla 3.5.2 |