CVE-2004-1633
The CVE-2004-1633 issue affects Bugzilla 2.9 through 2.18rc2 and 2.19 from CVS, where process_bug.cgi does not enforce edit permissions on the keywords field. An authenticated remote user can modify a bug’s keywords via the keywordaction parameter. The connection documents confirm the vulnerable ...