Описание
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
EPSS
Процентиль: 80%
0.01402
Низкий
CVE ID
Связанные уязвимости
nvd
почти 21 год назад
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
debian
почти 21 год назад
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly ...
EPSS
Процентиль: 80%
0.01402
Низкий