CVE-2006-5455

2006-10-2317:07:00

[email protected]

web.nvd.nist.gov

CVSS2

2.6

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

AI Score

6.8

Confidence

Low

EPSS

0.044

Percentile

92.4%

JSON

Cross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.

Affected configurations

Nvd

Node

mozillabugzillaRange≤2.22.1

mozillabugzillaMatch2.23

mozillabugzillaMatch2.23.1

mozillabugzillaMatch2.23.2

VendorProductVersionCPE
mozillabugzilla*cpe:2.3:a:mozilla:bugzilla:*:*:*:*:*:*:*:*
mozillabugzilla2.23cpe:2.3:a:mozilla:bugzilla:2.23:*:*:*:*:*:*:*
mozillabugzilla2.23.1cpe:2.3:a:mozilla:bugzilla:2.23.1:*:*:*:*:*:*:*
mozillabugzilla2.23.2cpe:2.3:a:mozilla:bugzilla:2.23.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mozilla	bugzilla	*	cpe:2.3:a:mozilla:bugzilla::::::::
mozilla	bugzilla	2.23	cpe:2.3:a:mozilla:bugzilla:2.23:::::::*
mozilla	bugzilla	2.23.1	cpe:2.3:a:mozilla:bugzilla:2.23.1:::::::*
mozilla	bugzilla	2.23.2	cpe:2.3:a:mozilla:bugzilla:2.23.2:::::::*