Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-04-02T05:00:00

Updated: 2024-08-08T03:03:48.895Z

Reserved: 2002-07-29T00:00:00

Link: CVE-2002-0808

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2002-08-12T04:00:00.000

Modified: 2008-09-05T20:29:00.333

Link: CVE-2002-0808

cve-icon Redhat

Severity :

Publid Date: 2001-11-05T00:00:00Z

Links: CVE-2002-0808 - Bugzilla