Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that upload attachments.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2012-01-02T19:00:00

Updated: 2024-08-06T23:46:02.912Z

Reserved: 2011-09-23T00:00:00

Link: CVE-2011-3669

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2012-01-02T19:55:01.767

Modified: 2024-11-21T01:30:58.410

Link: CVE-2011-3669

cve-icon Redhat

No data.