Mandriva Linux Security Advisory : bugzilla (MDVSA-2013:285)

Multiple vulnerabilities was found and corrected in bugzilla : Cross-site request forgery CSRF vulnerability in processbug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a...

CVE-2013-1733

Cross-site request forgery CSRF vulnerability in processbug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token...