Mozillas free and popular bug tracking program, Bugzilla, has just been updated to patch a number of security holes. The bug report might include sufficient detail to act as a sort of proof-of-concept (PoC) that would allow a cybercriminal to exploit the vulnerability revealed in the bug report. The Bugzilla bug-revealing bug was caused by what you might call a programmatic slip twixt cup and lip, because it turns out you could give a different email address in the final stages of signup than you gave at the start.”]
Source: https://nakedsecurity.sophos.com/2014/10/07/bugzilla-bug-tracker-fixes-zero-day-bug-revealing-bug/