CVE-2001-1403
published 2001-09-10CVE-2001-1403: Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server…
high7.5CVSS 3.1
AVNACLAuNCPIPAP
Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |
| mozilla | bugzilla | — | — |