vendor:
Bugzilla
by:
Unknown
5.5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: Bugzilla
Affected Version From: Bugzilla 2.22.1
Affected Version To: Bugzilla 2.22.4, Bugzilla 2.23.3 and later
Patch Exists: NO
Related CWE: Unknown
CPE: Unknown
Platforms Tested: Unknown
Unknown
Bugzilla Directory Traversal Vulnerability
Bugzilla is prone to a directory-traversal vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the server. Information harvested may aid in launching further attacks.
Mitigation:
Unknown