CVE-2004-0703Mozilla Bugzilla vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 32.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Bugzilla
Timeline
PublishedJul 27
Latest updateApr 29

Description

Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDmozilla/bugzilla24 versions+23

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-w523-7fpr-882h: Unknown vulnerability in the administrative controls in Bugzilla 22022-04-29
CVEList
CVE-2004-0703: Unknown vulnerability in the administrative controls in Bugzilla 22004-07-21
CVE-2004-0703 — Mozilla Bugzilla vulnerability | cvebase