2002-08-31 04:00:00
mitre
PUBLISHED
Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email message, which could allow attackers to gain privileges.