CVE-2001-1404

CVE-2001-1404

EPSS 1.1%

Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://bugzilla.mozilla.org/show_bug.cgi?id=74032 http://marc.info/?l=bugtraq&m=99912899900567 http://www.redhat.com/support/errata/RHSA-2001-107.html