Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x prior to 4.4.1 allows remote malicious users to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
mozilla bugzilla 4.4 |
Vulmon