News: Bugzilla Cross Site Request Forgery

Bugzilla Cross Site Request Forgery

Bugzilla Cross Site Request Forgery

Summary
=======

Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* A CSRF vulnerability in the implementation of the XML-RPC API
when running under mod_perl could be used to make changes to
bugs or execute some admin tasks without the victim's knowledge.

All affected installations are encouraged to upgrade as soon as
possible.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest