Bugzilla < 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 Multiple Vulnerabilities
High Nessus Plugin ID 78069
SynopsisThe remote web server contains a web application affected by multiple vulnerabilities.
DescriptionAccording to its banner, the version of Bugzilla installed on the remote host contains multiple flaws. It is, therefore, affected by the following vulnerabilities :
- If a new comment is marked as private to the insider group, and a flag is set in the same transaction, the comment will be visible to flag recipients even if they are not in the insider group. (CVE-2014-1571)
- A remote attacker can override certain parameters when creating a new Bugzilla account. This can lead to the account being created with a different email address than originally requested, allowing a user to be added to certain groups based on the group's regular expression setting. This may allow an attacker to escalate a given user accounts privileges.
- A flaw existed in how CGI arguments were handled that could allow cross-site scripting exploits which an attacker could use to access sensitive information.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to Bugzilla 4.0.15 / 4.2.11 / 4.4.6 / 4.5.6 or later.