Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
| CVE ID | Name | Status | References |
|---|---|---|---|
| CVE-2006-5455 | Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL. |
Assigned (20061023) | BID:20538 | URL:http://www.securityfocus.com/bid/20538 | BUGTRAQ:20061015 Security Advisory for Bugzilla 2.18.5, 2.20.2, 2.22, and 2.23.2 | URL:http://www.securityfocus.com/archive/1/448777/100/100/threaded | CONFIRM:http://www.bugzilla.org/security/2.18.5/ | CONFIRM:https://bugzilla.mozilla.org/show_bug.cgi?id=281181 | GENTOO:GLSA-200611-04 | URL:http://security.gentoo.org/glsa/glsa-200611-04.xml | OSVDB:29548 | URL:http://www.osvdb.org/29548 | SECUNIA:22409 | URL:http://secunia.com/advisories/22409 | SECUNIA:22790 | URL:http://secunia.com/advisories/22790 | SREASON:1760 | URL:http://securityreason.com/securityalert/1760 | VUPEN:ADV-2006-4035 | URL:http://www.vupen.com/english/advisories/2006/4035 | XF:bugzilla-url-modify-configuration(29618) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/29618 |
Page created: