Fedora Account System
Red Hat Associate
Red Hat Customer
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
MITRE description: Bugzilla before 2.14.1 allows remote attackers to (1) spoof a user comment via an HTTP request to process_bug.cgi using the "who" parameter, instead of the Bugzilla_login cookie, or (2) post a bug as another user by modifying the reporter parameter to enter_bug.cgi, which is passed to post_bug.cgi.