Vulnerabilities > Mozilla > Bugzilla > 3.3.1

DATE CVE VULNERABILITY TITLE RISK
2009-02-09 CVE-2009-0482 Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Bugzilla
Cross-site request forgery (CSRF) vulnerability in Bugzilla before 3.2 before 3.2.1, 3.3 before 3.3.2, and other versions before 3.2 allows remote attackers to perform bug updating activities as other users via a link or IMG tag to process_bug.cgi.
network
mozilla CWE-352
5.8
5.8
2009-02-09 CVE-2009-0481 Cross-Site Scripting vulnerability in Mozilla Bugzilla
Bugzilla 2.x before 2.22.7, 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote authenticated users to conduct cross-site scripting (XSS) and related attacks by uploading HTML and JavaScript attachments that are rendered by web browsers.
network
mozilla CWE-79
3.5
3.5