Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 prior to 3.2.3, 3.3 prior to 3.3.4, and previous versions versions allows remote malicious users to hijack the authentication of arbitrary users for requests that use attachment editing.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 3.3.1 |
||
mozilla bugzilla 3.3.2 |
||
mozilla bugzilla 3.2.1 |
||
mozilla bugzilla 3.2 |
||
mozilla bugzilla 3.2.2 |
||
mozilla bugzilla 3.3 |
||
mozilla bugzilla 3.3.3 |