CVE-2009-0482 Information

Description

Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1 3.3 before 3.3.2 and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.

Reference

http://secunia.com/advisories/34361 http://www.bugzilla.org/security/2.22.6/ http://www.securityfocus.com/bid/33580 https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.html https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.html