
Bugzilla 3.7.x < 4.0.14 / 4.2.10 / 4.4.5 / 4.5.5 Cross-Site Request Forgery

Medium

Synopsis

The remote host is running a version of Bugzilla affected by a cross-site request forgery (CSRF) vulnerability.

Description

The remote web server is hosting Bugzilla, a web-based bug tracking application. Versions of Bugzilla 3.7.x / 4.x prior to 4.0.14 / 4.2.10 / 4.4.5 / 4.5.5 are affected by a flaw in which the callback data passed to the JSONP endpoint, 'jsonrpc.cgi', is not properly sanitized. Using a specially crafted OBJECT element whose SWF content satisfies the character set requirements of the callback API, a context-dependent attacker can carry out a cross-site request forgery (CSRF) attack that causes the victim to disclose sensitive bug information.
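The flaw class described above is a JSONP endpoint that reflects an attacker-chosen callback name at the very start of its response body. The following is an added example of how a defender hardens such an endpoint; it is not Bugzilla's code and does not reproduce the project's actual patch. It assumes a generic server-side handler (`jsonp_response`) and shows two independent controls: a strict allowlist on the callback name, and a fixed `/**/` prefix so that the response body can never begin with bytes chosen by the caller, which is what a Flash loader would otherwise be able to interpret as an SWF header. The `/**/` prefix and the `nosniff` / `attachment` headers are the mitigations widely adopted for this class of issue; whether Bugzilla's own fix used them is not stated on this page.

```python
import json
import re

# Allowlist for JSONP callback names (assumption made for this example:
# dotted JavaScript identifiers such as "ns.handlers.cb", each segment
# starting with a letter, underscore or dollar sign). Anything else,
# including parentheses, quotes or semicolons, is rejected outright.
CALLBACK_RE = re.compile(
    r"^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$"
)
MAX_CALLBACK_LEN = 64  # generous for real callers, hostile to padding

# Magic bytes that begin an SWF file (uncompressed, zlib, LZMA). Used here
# only as a defensive self-check on the response body.
SWF_MAGIC = ("FWS", "CWS", "ZWS")


def is_safe_callback(name):
    """True if `name` is a plausible JavaScript callback identifier."""
    if not isinstance(name, str) or not name:
        return False
    if len(name) > MAX_CALLBACK_LEN:
        return False
    return CALLBACK_RE.fullmatch(name) is not None


def jsonp_response(callback, payload):
    """Build a hardened JSONP reply.

    Returns (status, headers, body). The JSON payload is serialized with the
    standard library, so user-controlled strings inside it are escaped; the
    callback name never reaches the body unless it passed the allowlist.
    """
    if not is_safe_callback(callback):
        body = json.dumps({"error": "invalid callback parameter"})
        return 400, {"Content-Type": "application/json; charset=UTF-8"}, body

    # The leading comment guarantees the body never starts with caller-chosen
    # bytes, even when the callback name itself is a valid identifier.
    body = "/**/" + callback + "(" + json.dumps(payload) + ");"
    headers = {
        "Content-Type": "application/javascript; charset=UTF-8",
        # Stop browsers from guessing a different type for the script body.
        "X-Content-Type-Options": "nosniff",
        # Makes the response unattractive as an embedded plugin resource.
        "Content-Disposition": "attachment; filename=f.txt",
    }
    assert not body.startswith(SWF_MAGIC)  # defensive invariant
    return 200, headers, body


if __name__ == "__main__":
    # Constructed sample payload standing in for a bug record.
    sample = {"bugs": [{"id": 1, "summary": "constructed example"}]}
    for cb in ("cb", "window.handlers.cb", "cb;evil", "CWSaaaaaaaaaaaa"):
        status, _, body = jsonp_response(cb, sample)
        print(cb, "->", status, body[:40])
```

Note the fourth sample callback: it is made only of letters and so passes the allowlist, which is exactly the situation the description above refers to (content that "satisfies the character set requirements"). The prefix is what makes that case harmless, so the allowlist and the prefix are both needed; neither is sufficient alone.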

Solution

The fixes for these issues are included in the 4.0.14, 4.2.10, 4.4.5, and 4.5.5 releases.