Information Disclosure Vulnerability in Bugzilla
CVE-2011-2380 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.
Learn more about our Web Application Penetration Testing UK.