CVE-2009-0482

Name of the Vulnerable Software and Affected Versions Bugzilla versions prior to 3.2.1 Bugzilla versions 3.3 before 3.3.2

Description A cross-site request forgery issue allows remote attackers to perform actions as other users by tricking them into clicking a link or accessing an image that points to the /process bug.cgi API endpoint. This could lead to unauthorized bug updating activities.

Recommendations For Bugzilla versions prior to 3.2.1, update to version 3.2.1 or later to resolve the issue. For Bugzilla versions 3.3 before 3.3.2, update to version 3.3.2 or later to resolve the issue.