Bugzilla Group Selection During Bug Creation Information Disclosure Vulnerability Network Vulnerability

Summary

Bugzilla is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain potentially sensitive information that may aid in other attacks. Bugzilla 3.7 and 3.7.1 are vulnerable.

Solution

Updates are available. Please see the references for more information.

References

http://www.bugzilla.org
http://www.bugzilla.org/security/3.7.1/
https://bugzilla.mozilla.org/show_bug.cgi?id=574892
https://www.securityfocus.com/bid/41397

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 3.3 AV:L/AC:M/Au:N/C:N/I:P/A:P

Related Vulnerabilities

phpWebSite 'local' Parameter Cross Site Scripting Vulnerability
Interchange HTTP Response Splitting Vulnerability
Apache mod_perl 'Apache::Status' and 'Apache2::Status' Cross Site Scripting Vulnerability
MantisBT Cross-site scripting Vulnerability
Apache Tomcat 'MemoryUserDatabase' Information Disclosure Vulnerability

Take action and discover your vulnerabilities