Justdave

#26768of 53,624
9.4Total CVSS
Vulnerabilities · 2
Low
1
Medium
1
PT-2009-3757
6.8
2009-04-01
Mozilla · Bugzilla · CVE-2009-1213
**Name of the Vulnerable Software and Affected Versions** Bugzilla versions 3.2 before 3.2.3 Bugzilla versions 3.3 before 3.3.4 Bugzilla versions prior to 3.2 **Description** A cross-site request forgery issue in the attachment.cgi component allows remote attackers to hijack user authentication for requests involving attachment editing. **Recommendations** For Bugzilla versions 3.2 before 3.2.3, update to version 3.2.3 or later. For Bugzilla versions 3.3 before 3.3.4, update to version 3.3.4 or later. For Bugzilla versions prior to 3.2, update to version 3.2.3 or later.
PT-2006-6173
2.6
2006-10-23
Mozilla · Bugzilla · CVE-2006-5455
**Name of the Vulnerable Software and Affected Versions** Bugzilla versions prior to 2.22.1 Bugzilla versions 2.23.x prior to 2.23.3 **Description** A cross-site request forgery (CSRF) issue exists, allowing user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL. **Recommendations** For versions prior to 2.22.1, update to version 2.22.1 or later. For versions 2.23.x prior to 2.23.3, update to version 2.23.3 or later.