← CVECheck
HomeVulnerabilities

CVE-2001-1403 — HIGH severity vulnerability (Bugzilla before 2.14 includes the username and password in U)

Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.

CVE IDCVE-2001-1403
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2001-09-10
Last modified2026-04-16
DescriptionBugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain privileges by reading the information from the web server logs, or by "shoulder-surfing" and observing the web browser's location bar.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →