CVE-2006-5455

NameCVE-2006-5455
DescriptionCross-site request forgery (CSRF) vulnerability in editversions.cgi in Bugzilla before 2.22.1 and 2.23.x before 2.23.3 allows user-assisted remote attackers to create, modify, or delete arbitrary bug reports via a crafted URL.
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs395094

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
bugzillasource(unstable)2.22.1-1low395094

Notes

[sarge] - bugzilla <no-dsa> (CSRF infrastructure not present, too intrusive to backport)
Search for package or bug name: Reporting problems