Guten Tag u0107@...,
am Mittwoch, 4. Juli 2012 um 20:36 schrieben Sie:
> Our installation of Bugzilla has a major security exposure.
Which version do you use?
> user that is created gets admin privileges. Even if the
> administrator (I or someone else) changes the authorization and
> removes these privileges, the privileges can be reacquired by the user him/herself.
Sounds like there's a regexp for admin users which matches all users,
by default it should be empty. Have a look at the admin group page, at
the top there should be an input field called "User Regexp". If this
is not the problem you should describe more detailed how your admin
settings look like.