4
CVE-2008-6098
- EPSS 1.15%
- Veröffentlicht 09.02.2009 18:30:00
- Zuletzt bearbeitet 16.06.2026 23:01:36
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Bugzilla 3.2 before 3.2 RC2, 3.0 before 3.0.6, 2.22 before 2.22.6, 2.20 before 2.20.7, and other versions after 2.17.4 allows remote authenticated users to bypass moderation to approve and disapprove quips via a direct request to quips.cgi with the action parameter set to "approve."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.15% | 0.626 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
http://secunia.com/advisories/34361
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00664.html
https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00687.html
http://secunia.com/advisories/32501
http://www.bugzilla.org/security/2.20.6/
http://www.securityfocus.com/bid/32178
https://bugzilla.mozilla.org/show_bug.cgi?id=449931
https://exchange.xforce.ibmcloud.com/vulnerabilities/46424