Unauthorized Granting of Group Memberships in Bugzilla Administrative Controls

Unauthorized Granting of Group Memberships in Bugzilla Administrative Controls

CVE-2004-0703 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Unknown vulnerability in the administrative controls in Bugzilla 2.17.1 through 2.17.7 allows users with "grant membership" privileges to grant memberships to groups that the user does not control.

Learn more about our User Device Pen Test.