Closed Bug 378865 Opened 17 years ago Closed 17 years ago

e-mails are wide open in Bugzilla

Categories

(Bugzilla :: User Accounts, defect)

Product:
Bugzilla
Component:
User Accounts
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 120030

People

(Reporter: hebmtkj, Unassigned)

References

(
URL
)

Details

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.11) Gecko/20070312 Firefox/1.5.0.11
Build Identifier: Not Relevant (Problem with configuration of BugZilla of Thunderbird)

I just reported bug 378855, and when I went to look back at it, I could see that my full name is a link to my e-mail address. I checked, and there's no need to login or do any other thing to view this information.

This means I'll start getting tons of SPAM to my e-mail shortly.

Reproducible: Always

Steps to Reproduce:
1. Go to the following URL: https://bugzilla.mozilla.org/show_bug.cgi?id=378855.
2. Locate the name "Barak Ori" uder the attachment area.
3. Right click and choose "Copy Link Location".
Actual Results:  
You've just gained access to my e-mail address, and can use it to send SPAM.

Expected Results:  
Either hide e-mail addresses or the link should follow to some sort of a CAPTCHA test page (hopefully a good one), and only if you pass the test you get to see my e-mail.
Assignee: dveditz → user-accounts
Component: Security → User Accounts
Product: Thunderbird → Bugzilla
QA Contact: thunderbird → default-qa
Status: UNCONFIRMED → RESOLVED
Closed: 17 years ago
Resolution: --- → DUPLICATE
Summary: e-mails are wide open in Thunderbird's BugZilla system → e-mails are wide open in Bugzilla
You need to log in before you can comment on or make changes to this bug.