4 matches found
CVE-2013-1733
Cross-site request forgery CSRF vulnerability in processbug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token...
Mageia: Security Advisory (MGASA-2014-0199)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2013-1733
Cross-site request forgery CSRF vulnerability in processbug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token...
CVE-2013-1733
CVE-2013-1733 affects Bugzilla 4.4.x prior to 4.4.1. A CSRF flaw in process_bug.cgi enables remote attackers to hijack a user’s session to modify bugs via requests authenticated with a midair-collision token. CVSSv2 base score 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P). Remediation: upgrade to Bugzilla 4.4...