← CVECheck
HomeVulnerabilities

CVE-2003-1044 — HIGH severity vulnerability (editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebug)

editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.

CVE IDCVE-2003-1044
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-08-18
Last modified2026-04-16
Descriptioneditproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →