CVE-2005-1564

2005-05-1404:00:00

mitre

www.cve.org

AI Score

6.4

Confidence

Low

EPSS

0.007

Percentile

79.6%

JSON

post_bug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to “enter bugs into products that are closed for bug entry” by modifying the URL to specify the name of the product.

References

marc.info/?l=bugtraq&m=111592031902962&w=2

secunia.com/advisories/15338

www.bugzilla.org/security/2.16.8/

www.osvdb.org/16426

bugzilla.mozilla.org/show_bug.cgi?id=287109

exchange.xforce.ibmcloud.com/vulnerabilities/42797