3 matches found
CVE-2001-1401
Bugzilla before 2.14 contains an access-control flaw where confidential bugs can be viewed by manipulating bug id parameters in multiple scripts (process_bug.cgi, show_activity.cgi, showvotes.cgi, showdependencytree.cgi, showdependencygraph.cgi, showattachment.cgi, describecomponents.cgi). The un...
CVE-2001-1401
Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in 1 processbug.cgi, 2 showactivity.cgi, 3 showvotes.cgi, 4 showdependencytree.cgi, 5 showdependencygraph.cgi, 6...
CVE-2001-1401
Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzilla users to bypass viewing permissions via modified bug id parameters in 1 processbug.cgi, 2 showactivity.cgi, 3 showvotes.cgi, 4 showdependencytree.cgi, 5 showdependencygraph.cgi, 6...