Insecure Groupset Permissions Vulnerability in Bugzilla

Insecure Groupset Permissions Vulnerability in Bugzilla

CVE-2002-0808 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.

Learn more about our Web Application Penetration Testing UK.