← back
CVE-2009-0482

CVE-2009-0482

EPSS 0.5%
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/34361https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.htmlhttps://www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.htmlhttp://www.bugzilla.org/security/2.22.6/http://www.securityfocus.com/bid/33580