VULHUB ™

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. It is possible for a user to change their groupset. The attacker may manipulate form elements to supply their own value for the 'mybugslink' variable in the userprefs form. This issue may allow a malicious user to view bug information in other groups.

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. It is possible for a user to change their groupset. The attacker may manipulate form elements to supply their own value for the 'mybugslink' variable in the userprefs form. This issue may allow a malicious user to view bug information in other groups.