CVE-2008-2104

2008-05-07T20:20:00
ID CVE-2008-2104
Type cve
Reporter cve@mitre.org
Modified 2017-08-08T01:30:00

Description

The WebService in Bugzilla 3.1.3 allows remote authenticated users without canconfirm privileges to create NEW or ASSIGNED bug entries via a request to the XML-RPC interface, which bypasses the canconfirm check.