CVE-2006-0916

Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user’s browser to send the form data to another domain.

Date published : 2006-02-28

http://www.securityfocus.com/bid/16745

http://www.securityfocus.com/archive/1/425584/100/0/threaded