Bugzilla Cross Site Request Forgery

Feb 25, 2012 12:54 AM

Summary

=======

Bugzilla is a Web-based bug-tracking system used by a large number of

software projects. The following security issue has been discovered

in Bugzilla:

* A CSRF vulnerability in the implementation of the XML-RPC API

when running under mod_perl could be used to make changes to

bugs or execute some admin tasks without the victim's knowledge.

All affected installations are encouraged to upgrade as soon as

possible.

Related Articles

637263493835297420.jpg

How to Use Zero-Width Characters to Hide Secret Messages in Text (& Even Reveal Leaks)

636455706472146367.jpg

How to Hide DDE-Based Attacks in MS Word

Comments

No Comments Exist

Be the first, drop a comment!