User Deletion Vulnerability in Bugzilla 2.14 and 2.16

User Deletion Vulnerability in Bugzilla 2.14 and 2.16

CVE-2002-0806 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:P/A:N

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.

Learn more about our User Device Pen Test.