CVE-2008-0336

Severity CVSS v4.0:
Pending analysis
Type:
CWE-352 Cross-Site Request Forgery (CSRF)
Publication date:
17/01/2008
Last modified:
09/04/2025

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in BugTracker.NET before 2.7.2 allow remote attackers to delete arbitrary bugs and perform other administrative tasks via unspecified vectors, possibly related to delete_*.aspx pages, and massedit.aspx, subscribe.aspx, flag.aspx, and relationships.aspx.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:bugtracker.net:bugtracker.net:*:*:*:*:*:*:*:* 2.7.1 (including)