Bugzilla Cross Site Request Forgery

Feb 25, 2012 12:54 AM

Summary

=======

Bugzilla is a Web-based bug-tracking system used by a large number of

software projects. The following security issue has been discovered

in Bugzilla:

* A CSRF vulnerability in the implementation of the XML-RPC API

when running under mod_perl could be used to make changes to

bugs or execute some admin tasks without the victim's knowledge.

All affected installations are encouraged to upgrade as soon as

possible.

Related Articles

637587411395252764.jpg

How to Perform Advanced Man-in-the-Middle Attacks with Xerosploit

635211718118959676.jpg

How to Get Unlimited Free Trials Using a "Real" Fake Credit Card Number

Comments

No Comments Exist

Be the first, drop a comment!