CVE-2001-1407

Bugzilla before 2.14 is vulnerable: users can bypass group security by marking a bug as a duplicate of a restricted bug, which adds the user to the restricted bug’s CC list and lets them view it. Affected: Bugzilla ≤ 2.13 (pre-2.14). Root cause: bypass of group security checks via duplicate marki...

CVE-2001-1407

Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug...