CVE-2004-0706Mozilla Bugzilla vulnerability

3 documents3 sources
Severity
2.1LOWNVD
EPSS
0.1%
top 71.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mozilla Bugzilla
Timeline
PublishedJul 27
Latest updateApr 29

Description

Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.9 | Impact: 2.9

Affected Packages1 packages

NVDmozilla/bugzilla24 versions+23

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-5rq9-m7h9-8rgp: Bugzilla 22022-04-29
CVEList
CVE-2004-0706: Bugzilla 22004-07-21
CVE-2004-0706 — Mozilla Bugzilla vulnerability | cvebase