bugzilla -- two SQL injections, sensitive data exposure

2009-09-11T00:00:00
ID B9EC7FE3-A38A-11DE-9C6B-003048818F40
Type freebsd
Reporter FreeBSD
Modified 2009-09-11T00:00:00

Description

A Bugzilla Security Advisory reports:

It is possible to inject raw SQL into the Bugzilla database via the "Bug.create" and "Bug.search" WebService functions. When a user would change his password, his new password would be exposed in the URL field of the browser if he logged in right after changing his password.