CVE-2008-6098
Published: 9 February 2009
Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve."
Priority
Status
Package | Release | Status |
---|---|---|
bugzilla Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life, was needed)
|
|
jaunty |
Not vulnerable
(3.2.0.1-1)
|
|
karmic |
Not vulnerable
(3.2.0.1-1)
|
|
lucid |
Not vulnerable
(3.2.0.1-1)
|
|
maverick |
Not vulnerable
(3.2.0.1-1)
|
|
natty |
Not vulnerable
(3.2.0.1-1)
|
|
oneiric |
Not vulnerable
(3.2.0.1-1)
|
|
upstream |
Released
(3.2)
|