Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-5454 |
Bugzilla 2.18.x before 2.18.6, 2.20.x before 2.20.3, 2.22.x before 2.22.1, and 2.23.x before 2.23.3 allow remote attackers to obtain (1) the description of arbitrary attachments by viewing the attachment in "diff" mode in attachment.cgi, and (2) the deadline field by viewing the XML format of the bug in show_bug.cgi. Published: October 23, 2006; 1:07:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2006-5455 |
Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL. Published: October 23, 2006; 1:07:00 PM -0400 |
V3.x:(not available) V2.0: 2.6 LOW |