CVE-2010-2756

CVE-2010-2756 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 allows remote attackers to determine the group memberships of arbitrary users via vectors involving the Search interface, boolean charts, and group-based pronouns.

Learn more about our User Device Pen Test.