News: Bugzilla Cross Site Request Forgery

Bugzilla Cross Site Request Forgery

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* A CSRF vulnerability in the implementation of the XML-RPC API
when running under mod_perl could be used to make changes to
bugs or execute some admin tasks without the victim's knowledge.

All affected installations are encouraged to upgrade as soon as
possible.

Never Miss a Hacking or Security Guide

New Null Byte in your inbox, every week.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest