Summary
Bugzilla is prone to an information-disclosure vulnerability.
Successful exploits will allow authenticated attackers to obtain potentially sensitive information that may aid in further attacks.
The following are vulnerable:
Bugzilla 3.3.4, 3.4rc1, and 3.4.
Solution
Updates are available. Please see the references for details.
References