Password Exposure in Bugzilla Image URLs

Password Exposure in Bugzilla Image URLs

CVE-2004-0706 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.

Learn more about our Web App Pen Testing.