Bugzilla versions 2.16rc1 to 4.4.12 and 4.5.1 to 5.0.3 suffer from a cross site request forgery vulnerability.
0efea52c1ab426d88a137dbce1b3674901fced5f5c6fc9df71c13baaecd73c96
Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross site scripting and information leak vulnerabilities.
db307f7a48f357ccec4e2df7650d49504073c143e214926e2c2f8d2de6b1ae54