Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Bugzilla < 2.19.3 Information Disclosure



The remote host may give an attacker information useful for future attacks.


The remote server is running Bugzilla, a bug tracking system. There is a flaw in the remote installation of Bugzilla that may allow an attacker to disclose sensitive information. Specifically, if a user generates a report prior to authentication, the user ID and password will be embedded within the report. An attacker exploiting this flaw would be able to harvest user IDs and passwords from generated reports.


Upgrade to version 2.19.3 or higher.