Unrated severityNVD Advisory· Published Apr 1, 2009· Updated Jun 16, 2026
CVE-2009-1213
CVE-2009-1213
Description
Cross-site request forgery (CSRF) vulnerability in attachment.cgi in Bugzilla 3.2 before 3.2.3, 3.3 before 3.3.4, and earlier versions allows remote attackers to hijack the authentication of arbitrary users for requests that use attachment editing.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:mozilla:bugzilla:3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.2:rc2:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:3.3.3:*:*:*:*:*:*:*
- Range: >=3.2, <3.2.3 + >=3.3, <3.3.4
Patches
Vulnerability mechanics
References
10- www.bugzilla.org/security/3.2.2/nvdPatchVendor Advisory
- www.vupen.com/english/advisories/2009/0887nvdPatchVendor Advisory
- secunia.com/advisories/34545nvdVendor Advisory
- secunia.com/advisories/34547nvdVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdVendor Advisory
- secunia.com/advisories/34624nvd
- www.securityfocus.com/bid/34308nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/49524nvd
- www.redhat.com/archives/fedora-package-announce/2009-April/msg00188.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2009-April/msg00191.htmlnvd
News mentions
0No linked articles in our index yet.