CVE-2011-3668

Cross-site request forgery (CSRF) vulnerability in post_bug.cgi in Bugzilla 2.x, 3.x, and 4.x before 4.2rc1 allows remote attackers to hijack the authentication of arbitrary users for requests that create bug reports.

Date published : 2012-01-02

http://www.bugzilla.org/security/3.4.12/

https://bugzilla.mozilla.org/show_bug.cgi?id=703975