Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 prior to 3.0.7, 3.2 prior to 3.2.1, and 3.3 prior to 3.3.2 allows remote malicious users to delete unused flag types via a link or IMG tag to editflagtypes.cgi.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla bugzilla 2.17.6 |
||
mozilla bugzilla 2.17.7 |
||
mozilla bugzilla 2.18.3 |
||
mozilla bugzilla 2.18.4 |
||
mozilla bugzilla 2.20 |
||
mozilla bugzilla 2.20.6 |
||
mozilla bugzilla 2.20.7 |
||
mozilla bugzilla 2.22.3 |
||
mozilla bugzilla 2.22.4 |
||
mozilla bugzilla 3.0.4 |
||
mozilla bugzilla 3.0.5 |
||
mozilla bugzilla 2.17.1 |
||
mozilla bugzilla 2.17.3 |
||
mozilla bugzilla 2.18 |
||
mozilla bugzilla 2.19 |
||
mozilla bugzilla 2.19.1 |
||
mozilla bugzilla 2.20.2 |
||
mozilla bugzilla 2.20.3 |
||
mozilla bugzilla 2.22 |
||
mozilla bugzilla 3.0 |
||
mozilla bugzilla 3.0.1 |
||
mozilla bugzilla 3.2 |
||
mozilla bugzilla 2.17.4 |
||
mozilla bugzilla 2.17.5 |
||
mozilla bugzilla 2.18.1 |
||
mozilla bugzilla 2.18.2 |
||
mozilla bugzilla 2.19.2 |
||
mozilla bugzilla 2.19.3 |
||
mozilla bugzilla 2.20.4 |
||
mozilla bugzilla 2.20.5 |
||
mozilla bugzilla 2.22.1 |
||
mozilla bugzilla 2.22.2 |
||
mozilla bugzilla 3.0.2 |
||
mozilla bugzilla 3.0.3 |
||
mozilla bugzilla 3.3.1 |
||
mozilla bugzilla 2.17 |
||
mozilla bugzilla 2.18.5 |
||
mozilla bugzilla 2.18.6 |
||
mozilla bugzilla 2.18.6\\+ |
||
mozilla bugzilla 2.20.1 |
||
mozilla bugzilla 2.21 |
||
mozilla bugzilla 2.21.1 |
||
mozilla bugzilla 2.22.5 |
||
mozilla bugzilla 2.22.6 |
||
mozilla bugzilla 3.0.6 |
Vulmon