Cross-site request forgery (CSRF) vulnerability in Bugzilla 3.0 before 3.0.7, 3.2 before 3.2.1, and 3.3 before 3.3.2 allows remote attackers to delete shared or saved searches via a link or IMG tag to buglist.cgi.
Exploitability
AV:NAC:MAu:NImpact
C:NI:PA:P5.8/AV:N/AC:M/Au:N/C:N/I:P/A:P