Cross-site request forgery (CSRF) vulnerability in...
Moderate severity
Unreviewed
Published
May 2, 2022
to the GitHub Advisory Database
•
Updated Jan 31, 2023
Description
Published by the National Vulnerability Database
Feb 9, 2009
Published to the GitHub Advisory Database
May 2, 2022
Last updated
Jan 31, 2023
Cross-site request forgery (CSRF) vulnerability in Bugzilla 2.17 to 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete unused flag types via a link or IMG tag to editflagtypes.cgi.
References