← back
CVE-2011-2380

CVE-2011-2380

EPSS 1.8%
Bugzilla 2.23.3 through 2.22.7, 3.0.x through 3.3.x, 3.4.x before 3.4.12, 3.5.x, 3.6.x before 3.6.6, 3.7.x, 4.0.x before 4.0.2, and 4.1.x before 4.1.3 allows remote attackers to determine the existence of private group names via a crafted parameter during (1) bug creation or (2) bug editing.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugzilla.mozilla.org/show_bug.cgi?id=653477http://secunia.com/advisories/45501https://exchange.xforce.ibmcloud.com/vulnerabilities/69034http://www.bugzilla.org/security/3.4.11/http://www.debian.org/security/2011/dsa-2322http://www.osvdb.org/74298http://www.osvdb.org/74299http://www.securityfocus.com/bid/49042