Vulnerability Details CVE-2012-5884
The User.get method in Bugzilla/WebService/User.pm in Bugzilla 4.3.2 allows remote attackers to obtain sensitive information about the saved searches of arbitrary users via an XMLRPC request or a JSONRPC request, a different vulnerability than CVE-2012-4198.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.3%
CVSS Severity
CVSS v2 Score 5.0
References
- https://bugzilla.mozilla.org/show_bug.cgi?id=697224
- https://bugzilla.mozilla.org/show_bug.cgi?id=781850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80115
- https://bugzilla.mozilla.org/show_bug.cgi?id=697224
- https://bugzilla.mozilla.org/show_bug.cgi?id=781850
- https://exchange.xforce.ibmcloud.com/vulnerabilities/80115