CVE-2004-1634 — Mozilla Bugzilla vulnerability
3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.4%
top 36.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 25
Latest updateApr 29
Description
show_bug.cgi in Bugzilla 2.17.1 through 2.18rc2 and 2.19 from CVS, when using the insidergroup feature and exporting a bug to XML, shows comments and attachment summaries which are marked as private, which allows remote attackers to gain sensitive information.
CVSS vector
AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9