2004-07-21 04:00:00
mitre
PUBLISHED
Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL, which could allow local users to view the password in the web server log files.