Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x prior to 4.4.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mozilla bugzilla 4.4 |