VULHUB ™

Bugzilla Security Advisory - Five security related bugs have been discovered in this web-based bug tracking system. Two relate to SQL injection attacks via privileged user accounts. A third allows ex-members of a deleted group to get inserted into a new group if it is created reusing the same name. Two other issues allow extraction of bug information for any known email address and for a user to obtain descriptions for a product they do not have access to.

Bugzilla Security Advisory - Five security related bugs have been discovered in this web-based bug tracking system. Two relate to SQL injection attacks via privileged user accounts. A third allows ex-members of a deleted group to get inserted into a new group if it is created reusing the same name. Two other issues allow extraction of bug information for any known email address and for a user to obtain descriptions for a product they do not have access to.