Security Advisory

CVE-2012-0448

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-02-02 18:00:00

Last updated 2024-08-06 18:23:31

Assigner mitre

State PUBLISHED

Description

Bugzilla 2.x and 3.x before 3.4.14, 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 does not reject non-ASCII characters in e-mail addresses of new user accounts, which makes it easier for remote authenticated users to spoof other user accounts by choosing a similar e-mail address.

← Browse all CVEs View on cve.org ↗