The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote malicious users to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 4.3.2 |