CVE-2001-1407

Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the duplicate of a restricted bug, which adds the user to the CC list of the restricted bug and allows the user to view the bug.

Date published : 2003-04-02

http://marc.info/?l=bugtraq&m=99912899900567

http://bugzilla.mozilla.org/show_bug.cgi?id=96085