6 matches found
SUSE CVE-2011-3668
Cross-site request forgery CSRF vulnerability in postbug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in postbug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports...
CVE-2005-1564
postbug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to "enter bugs into products that are closed for bug entry" by modifying the URL to specify the name of the product...
CVE-2005-1564
Bugzilla 2.10–2.18, 2.19.1, 2.19.2 contains a vulnerability in post_bug.cgi where a remote authenticated user can enter bugs into products that are closed for bug entry by altering the product name in the URL. The root cause is improper handling of product-name validation in the bug-entry flow, a...
CVE-2005-1564
postbug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to "enter bugs into products that are closed for bug entry" by modifying the URL to specify the name of the product...
CVE-2005-1564
postbug.cgi in Bugzilla 2.10 through 2.18, 2.19.1, and 2.19.2 allows remote authenticated users to "enter bugs into products that are closed for bug entry" by modifying the URL to specify the name of the product...