Описание
Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
Дополнительная информация
https://bugzilla.redhat.com/show_bug.cgi?id=1616701security flaw
EPSS
Процентиль: 67%
0.00527
Низкий
Связанные уязвимости
nvd
больше 24 лет назад
Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
github
почти 4 года назад
Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
EPSS
Процентиль: 67%
0.00527
Низкий