Описание
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 2.22.1-2 |
| edgy | ignored | end of life, was needed |
| feisty | released | 2.22.1-2 |
| gutsy | released | 2.22.1-2 |
| hardy | released | 2.22.1-2 |
| intrepid | released | 2.22.1-2 |
| jaunty | released | 2.22.1-2 |
| karmic | released | 2.22.1-2 |
| upstream | needs-triage |
Показывать по
Ссылки на источники
EPSS
2.6 Low
CVSS2
Связанные уязвимости
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in ...
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
EPSS
2.6 Low
CVSS2