3 matches found
CVE-2002-0009
In Bugzilla versions before 2.14.1, a user with Bugs Access privileges could trigger information disclosure by submitting a bug and reading the resulting Product pulldown menu, revealing other products not accessible to them. The root cause is insufficient access controls around the Product pulld...
CVE-2002-0009
showbug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu...
CVE-2002-0009
showbug.cgi in Bugzilla before 2.14.1 allows a user with "Bugs Access" privileges to see other products that are not accessible to the user, by submitting a bug and reading the resulting Product pulldown menu...