VULHUB ™

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. A vulnerability exists in Bugzilla which may allow a user to file bug reports as any other user. The post_bug.cgi script does not properly validate the identity of the user submitting the bug. This may be exploited by saving the bug form locally and then changing the value of the appropriate form element. The attacker then submits the altered form.

Bugzilla is the bug tracking software package by the Mozilla project. It can be configured to run on Microsoft Windows and various Unix/Linux platforms. A vulnerability exists in Bugzilla which may allow a user to file bug reports as any other user. The post_bug.cgi script does not properly validate the identity of the user submitting the bug. This may be exploited by saving the bug form locally and then changing the value of the appropriate form element. The attacker then submits the altered form.