CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2013-1733

Cross-site request forgery (CSRF) vulnerability in process_bug.cgi in Bugzilla 4.4.x before 4.4.1 allows remote attackers to hijack the authentication of arbitrary users for requests that modify bugs via vectors involving a midair-collision token.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.6%

CVSS Severity

CVSS v2 Score 6.8

References

http://www.bugzilla.org/security/4.0.10/
https://bugzilla.mozilla.org/show_bug.cgi?id=911593
http://www.bugzilla.org/security/4.0.10/
https://bugzilla.mozilla.org/show_bug.cgi?id=911593

Products affected by CVE-2013-1733

Mozilla » Bugzilla » Version: 4.4

cpe:2.3:a:mozilla:bugzilla:4.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2013-1733

Products

Pricing

Contact Us