Unrated severityNVD Advisory· Published Feb 25, 2012· Updated Jun 16, 2026
CVE-2012-0453
CVE-2012-0453
Description
Cross-site request forgery (CSRF) vulnerability in xmlrpc.cgi in Bugzilla 4.0.2 through 4.0.4 and 4.1.1 through 4.2rc2, when mod_perl is used, allows remote attackers to hijack the authentication of arbitrary users for requests that modify the product's installation via the XML-RPC API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:mozilla:bugzilla:4.0.2:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:mozilla:bugzilla:4.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.2:rc1:*:*:*:*:*:*
- cpe:2.3:a:mozilla:bugzilla:4.2:rc2:*:*:*:*:*:*
- Range: 4.0.2 to 4.0.4, 4.1.1 to 4.2rc2
Patches
Vulnerability mechanics
References
3- www.bugzilla.org/security/4.0.4/nvdPatchVendor Advisory
- bugzilla.mozilla.org/show_bug.cginvdPatch
- www.securitytracker.com/idnvd
News mentions
0No linked articles in our index yet.