News: Bugzilla Cross Site Request Forgery

Bugzilla Cross Site Request Forgery


Bugzilla is a Web-based bug-tracking system used by a large number of
software projects. The following security issue has been discovered
in Bugzilla:

* A CSRF vulnerability in the implementation of the XML-RPC API
when running under mod_perl could be used to make changes to
bugs or execute some admin tasks without the victim's knowledge.

All affected installations are encouraged to upgrade as soon as

Get The Weekly Null Byte Newsletter

Never miss a Null Byte guide.

Be the First to Comment

Share Your Thoughts

  • Hot
  • Latest