CVE-2011-3669 in Bugzilla信息

摘要

由 VulDB • 2026-06-09

Bugzilla 2.x、3.x 和 4.x 版本(4.2rc1 之前)中 attachment.cgi 存在跨站请求伪造(CSRF)漏洞,远程攻击者可利用该漏洞劫持任意用户的身份验证,以执行上传附件的请求。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Interested in the pricing of exploits?

See the underground prices here!