CVE-2002-0806

2003-04-0205:00:00

mitre

www.cve.org

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

20.0%

JSON

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the “del” option.

References

archives.neohapsis.com/archives/bugtraq/2002-06/0054.html

bugzilla.mozilla.org/show_bug.cgi?id=141557

www.iss.net/security_center/static/9303.php

www.osvdb.org/5080

www.redhat.com/support/errata/RHSA-2002-109.html

www.securityfocus.com/bid/4964