Plaintext Password Storage and Email Vulnerability in Bugzilla

Plaintext Password Storage and Email Vulnerability in Bugzilla

CVE-2001-1404 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.

Learn more about our User Device Pen Test.