48 matches found
CVE-2021-21369 Potential DoS in Besu HTTP JSON-RPC API
Hyperledger Besu is an open-source, MainNet compatible, Ethereum client written in Java. In Besu before version 1.5.1 there is a denial-of-service vulnerability involving the HTTP JSON-RPC API service. If username and password authentication is enabled for the HTTP JSON-RPC API service, then prio...
Bugzilla jsonrpc.cgi 跨站请求伪造漏洞
BUGTRAQ ID: 51783 CVE ID: CVE-2012-0440 Bugzilla是一个开源的缺陷跟踪系统,它可以管理软件开发中缺陷的提交,修复,关闭等整个生命周期。 Bugzilla在jsonrpc.cgi的实现上存在CSRF安全漏洞,成功利用这些漏洞可允许攻击者劫持任意用户使用JSON-RPC API的身份验证请求。 0 Mozilla Bugzilla 4.x 厂商补丁: Mozilla ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mozilla.org/security/...
FreeBSD Ports: bugzilla
The remote host is missing an update to the system as announced in the referenced advisory. VID 309542b5-50b9-11e1-b0d8-00151735203a OpenVAS Vulnerability Test $ Description: Auto generated from VID 309542b5-50b9-11e1-b0d8-00151735203a Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...
FreeBSD : bugzilla -- multiple vulnerabilities (309542b5-50b9-11e1-b0d8-00151735203a)
A Bugzilla Security Advisory reports : The following security issues have been discovered in Bugzilla : - Account Impersonation : When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which could be used to impersonate another user...
CVE-2012-0440
Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...
CVE-2012-0440
Cross-site request forgery CSRF vulnerability in jsonrpc.cgi in Bugzilla 3.5.x and 3.6.x before 3.6.8, 3.7.x and 4.0.x before 4.0.4, and 4.1.x and 4.2.x before 4.2rc2 allows remote attackers to hijack the authentication of arbitrary users for requests that use the JSON-RPC API...
bugzilla -- multiple vulnerabilities
A Bugzilla Security Advisory reports: The following security issues have been discovered in Bugzilla: Account Impersonation: When a user creates a new account, Bugzilla doesn't correctly reject email addresses containing non-ASCII characters, which could be used to impersonate another user accoun...