Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-1213

Опубликовано: 01 апр. 2009
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*
cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*

EPSS

Процентиль: 57%
0.00347
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352

Связанные уязвимости

ubuntu логотип

CVE-2009-1213

ubuntu
больше 16 лет назад

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.

redhat логотип

CVE-2009-1213

redhat
больше 16 лет назад

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.

debian логотип

CVE-2009-1213

debian
больше 16 лет назад

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in B ...

github логотип

GHSA-h5vc-337f-mrrj

github
больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.

EPSS

Процентиль: 57%
0.00347
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-352