AI Score
Confidence
Low
EPSS
Percentile
77.8%
describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products.
bugzilla.mozilla.org/show_bug.cgi?id=209742
www.securityfocus.com/archive/1/343185
www.securityfocus.com/bid/8953
exchange.xforce.ibmcloud.com/vulnerabilities/13602