CVE-2009-0482

CVE Database · CVE-2009-0482

CVE-2009-0482

· N/AModified

CVSS v3.1

N/A

EPSS

0.50%

Published

Feb 9, 2009

Modified

Apr 22, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.

Weaknesses (CWE)

CWE-352

Affected Products (76)

mozilla · bugzillavulnerable

References (10)

http://secunia.com/advisories/34361

http://www.bugzilla.org/security/2.22.6/

Vendor Advisory

http://www.securityfocus.com/bid/33580

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.html

https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.html