exploitDog

CVE-2009-0483

Опубликовано: 09 фев. 2009

Источник: redhat

EPSS Низкий

Описание

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-352

https://bugzilla.redhat.com/show_bug.cgi?id=484807bugzilla: CSRF vuln via editkeywords.cgi and userprefs.cgi

EPSS

Процентиль: 61%

0.00413

Низкий

Связанные уязвимости

CVE-2009-0483

ubuntu

почти 17 лет назад

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.

CVE-2009-0483

nvd

почти 17 лет назад

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.

CVE-2009-0483

debian

почти 17 лет назад

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 befor ...

GHSA-4pwx-p54m-78g5

github

больше 3 лет назад

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.22 before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete keywords and user preferences via a link or IMG tag to (1) editkeywords.cgi or (2) userprefs.cgi.

EPSS

Процентиль: 61%

0.00413

Низкий