VULHUB ™

Bugzilla is a free, open source bug tracking and reporting appplication. It allows users to submit bugs, offers a forum for discussing bugs, keeps track of the status of bugs, and can restrict who has access to bug information. A vulnerability in 'process_bug.cgi' makes it possible to bypass the access controls for bugs that are designated as restricted by Bugzilla. If a user adds a new bug as a duplicate of a restricted existing bug then they will be added to the cclist of the existing bug. This allows the user to bypass the group-based access controls enforced by Bugzilla.

Bugzilla is a free, open source bug tracking and reporting appplication. It allows users to submit bugs, offers a forum for discussing bugs, keeps track of the status of bugs, and can restrict who has access to bug information. A vulnerability in 'process_bug.cgi' makes it possible to bypass the access controls for bugs that are designated as restricted by Bugzilla. If a user adds a new bug as a duplicate of a restricted existing bug then they will be added to the cclist of the existing bug. This allows the user to bypass the group-based access controls enforced by Bugzilla.