The User.offer_account_by_email WebService method in Bugzilla 2.x and 3.x prior to 3.4.13, 3.5.x and 3.6.x prior to 3.6.7, 3.7.x and 4.0.x prior to 4.0.3, and 4.1.x up to and including 4.1.3, when createemailregexp is not empty, does not properly handle user_can_create_account settings, which allows remote malicious users to create user accounts by leveraging a token contained in an e-mail message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 3.3.1 |
||
mozilla bugzilla 3.7.2 |
||
mozilla bugzilla 3.0.0 |
||
mozilla bugzilla 3.1.1 |
||
mozilla bugzilla 3.0.5 |
||
mozilla bugzilla 3.0.6 |
||
mozilla bugzilla 3.2.4 |
||
mozilla bugzilla 3.2.5 |
||
mozilla bugzilla 3.3.4 |
||
mozilla bugzilla 3.4 |
||
mozilla bugzilla 3.0 |
||
mozilla bugzilla 3.7.3 |
||
mozilla bugzilla 3.0.1 |
||
mozilla bugzilla 3.0.10 |
||
mozilla bugzilla 3.0.11 |
||
mozilla bugzilla 3.0.9 |
||
mozilla bugzilla 3.2.10 |
||
mozilla bugzilla 3.2.8 |
||
mozilla bugzilla 3.2.9 |
||
mozilla bugzilla 3.4.12 |
||
mozilla bugzilla 3.4.2 |
||
mozilla bugzilla 3.4.9 |
||
mozilla bugzilla 3.6.1 |
||
mozilla bugzilla 3.6.0 |
||
mozilla bugzilla 4.0 |
||
mozilla bugzilla 4.1.3 |
||
mozilla bugzilla 2.19 |
||
mozilla bugzilla 2.19.3 |
||
mozilla bugzilla 2.20.2 |
||
mozilla bugzilla 2.23.1 |
||
mozilla bugzilla 2.23 |
||
mozilla bugzilla 2.9 |
||
mozilla bugzilla 2.8 |
||
mozilla bugzilla 2.16.3 |
||
mozilla bugzilla 2.16.2 |
||
mozilla bugzilla 2.16 |
||
mozilla bugzilla 2.14.4 |
||
mozilla bugzilla 2.14.3 |
||
mozilla bugzilla 2.18 |
||
mozilla bugzilla 2.17.1 |
||
mozilla bugzilla 2.22.2 |
||
mozilla bugzilla 2.17.2 |
||
mozilla bugzilla 2.18.6 |
||
mozilla bugzilla 2.20.6 |
||
mozilla bugzilla 2.20.7 |
||
mozilla bugzilla 3.3.2 |
||
mozilla bugzilla 3.7.1 |
||
mozilla bugzilla 3.0.2 |
||
mozilla bugzilla 3.1.2 |
||
mozilla bugzilla 3.0.3 |
||
mozilla bugzilla 3.0.4 |
||
mozilla bugzilla 3.2.2 |
||
mozilla bugzilla 3.2.3 |
||
mozilla bugzilla 3.3 |
||
mozilla bugzilla 3.3.3 |
||
mozilla bugzilla 3.4.3 |
||
mozilla bugzilla 3.4.4 |
||
mozilla bugzilla 3.5 |
||
mozilla bugzilla 3.5.1 |
||
mozilla bugzilla 3.6.2 |
||
mozilla bugzilla 3.6.4 |
||
mozilla bugzilla 3.6.5 |
||
mozilla bugzilla 4.0.1 |
||
mozilla bugzilla 2.19.1 |
||
mozilla bugzilla 2.18.4 |
||
mozilla bugzilla 2.20.3 |
||
mozilla bugzilla 2.20 |
||
mozilla bugzilla 2.20.1 |
||
mozilla bugzilla 2.22.1 |
||
mozilla bugzilla 2.22 |
||
mozilla bugzilla 3.2 |
||
mozilla bugzilla 3.2.1 |
||
mozilla bugzilla 3.1.0 |
||
mozilla bugzilla 3.1.4 |
||
mozilla bugzilla 3.1.3 |
||
mozilla bugzilla 3.0.7 |
||
mozilla bugzilla 3.0.8 |
||
mozilla bugzilla 3.2.6 |
||
mozilla bugzilla 3.2.7 |
||
mozilla bugzilla 3.4.10 |
||
mozilla bugzilla 3.4.11 |
||
mozilla bugzilla 3.4.7 |
||
mozilla bugzilla 3.4.8 |
||
mozilla bugzilla 3.6 |
||
mozilla bugzilla 3.6.7 |
||
mozilla bugzilla 3.7 |
||
mozilla bugzilla 4.1.1 |
||
mozilla bugzilla 4.1.2 |
||
mozilla bugzilla 2.19.2 |
||
mozilla bugzilla 2.21 |
||
mozilla bugzilla 2.21.1 |
||
mozilla bugzilla 2.23.3 |
||
mozilla bugzilla 2.23.2 |
||
mozilla bugzilla 2.16.11 |
||
mozilla bugzilla 2.16.10 |
||
mozilla bugzilla 2.14.2 |
||
mozilla bugzilla 2.14.1 |
||
mozilla bugzilla 2.17.7 |
||
mozilla bugzilla 2.16.8 |
||
mozilla bugzilla 2.16.9 |
||
mozilla bugzilla 2.17 |
||
mozilla bugzilla 2.0 |
||
mozilla bugzilla 2.2 |
||
mozilla bugzilla 2.20.5 |
||
mozilla bugzilla 2.22.7 |
||
mozilla bugzilla 3.4.1 |
||
mozilla bugzilla 3.4.5 |
||
mozilla bugzilla 3.4.6 |
||
mozilla bugzilla 3.5.2 |
||
mozilla bugzilla 3.5.3 |
||
mozilla bugzilla 3.6.3 |
||
mozilla bugzilla 3.6.6 |
||
mozilla bugzilla 4.0.2 |
||
mozilla bugzilla 4.1 |
||
mozilla bugzilla 2.18.5 |
||
mozilla bugzilla 2.21.2 |
||
mozilla bugzilla 2.6 |
||
mozilla bugzilla 2.4 |
||
mozilla bugzilla 2.16.7 |
||
mozilla bugzilla 2.16.6 |
||
mozilla bugzilla 2.23.4 |
||
mozilla bugzilla 2.18.2 |
||
mozilla bugzilla 2.18.3 |
||
mozilla bugzilla 2.17.5 |
||
mozilla bugzilla 2.17.6 |
||
mozilla bugzilla 2.10 |
||
mozilla bugzilla 2.20.4 |
||
mozilla bugzilla 2.18.8 |
||
mozilla bugzilla 2.18.9 |
||
mozilla bugzilla 2.22.4 |
||
mozilla bugzilla 2.22.5 |
||
mozilla bugzilla 2.22.6 |
||
mozilla bugzilla 2.16.5 |
||
mozilla bugzilla 2.16.4 |
||
mozilla bugzilla 2.14.5 |
||
mozilla bugzilla 2.16.1 |
||
mozilla bugzilla 2.18.1 |
||
mozilla bugzilla 2.17.3 |
||
mozilla bugzilla 2.17.4 |
||
mozilla bugzilla 2.12 |
||
mozilla bugzilla 2.14 |
||
mozilla bugzilla 2.18.6\\+ |
||
mozilla bugzilla 2.18.7 |
||
mozilla bugzilla 2.22.3 |