CVE-2004-0706 Information

Description

Bugzilla 2.17.5 through 2.17.7 embeds the password in an image URL which could allow local users to view the password in the web server log files.

Reference

http://bugzilla.mozilla.org/show_bug.cgi?id=235510 http://marc.info/?l=bugtraq&m=108965446813639&w=2 http://www.securityfocus.com/bid/10698 https://exchange.xforce.ibmcloud.com/vulnerabilities/16669