CVE-2009-0485

2009-02-09T17:30:00
ID CVE-2009-0485
Type cve
Reporter cve@mitre.org
Modified 2009-03-25T05:50:00

Description

Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or IMG tag to editflagtypes.cgi.