CVE-2011-3668 in Bugzillainfo

Summary

Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Reservation

09/23/2011

Disclosure

01/02/2012

Moderation

VulDB entry created

Entries

1: VDB-59866

CPE

ready

CWE

CWE-352 (Confirmed)

CVSS

6.3

EPSS

0.00128

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-3668
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-3668
CVE Details	https://www.cvedetails.com/cve/CVE-2011-3668/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!