Bugzilla 'jsonrpc.cgi' Cross Site Request Forgery Vulnerability

Bugzilla 'jsonrpc.cgi' Cross Site Request Forgery Vulnerability

Bugzilla is prone to a cross-site request-forgery vulnerability.

Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible.

Bugzilla versions prior to 3.4.14, 3.6.8 and 4.0.4 are vulnerable.