|
|
CVE Reference: CVE-2006-0916 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-0916 |
|
|
Description: Bugzilla 2.19.3 through 2.20 does not properly handle "//" sequences in URLs when redirecting a user from the login form, which could cause it to generate a partial URL in a form action that causes the user's browser to send the form data to another domain. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24821 SREASON http://securityreason.com/securityalert/464 SAID Secunia Advisory: SA18979 CONFIRM BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/425584/100/0/threaded BID 16745 |
|
| Return to the previous page. |
