Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-02-24 CVE-2021-1227 A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. 0.0
2021-02-24 CVE-2021-21620 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Claim
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.
network
jenkins CWE-352
4.3
2021-02-24 CVE-2021-21617 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Configuration Slicing
A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier allows attackers to apply different slice configurations.
network
jenkins CWE-352
6.8
2021-02-19 CVE-2021-22701 Cross-Site Request Forgery (CSRF) vulnerability in SE products
A CWE-352: Cross-Site Request Forgery vulnerability exists in PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions), that could cause a user to perform an unintended action on the target device when using the HTTP web interface.
network
se CWE-352
3.5
2021-02-19 CVE-2021-26296 Cross-Site Request Forgery (CSRF) vulnerability in Apache Myfaces
In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens.
network
apache CWE-352
6.8
2021-02-19 CVE-2020-36247 Cross-Site Request Forgery (CSRF) vulnerability in OSC Open Ondemand
Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF.
network
osc CWE-352
6.8
2021-02-16 CVE-2021-20073 Cross-Site Request Forgery (CSRF) vulnerability in Racom M!Dge Cellular Router Firmware 4.4.40.105
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.
network
racom CWE-352
6.8
2021-02-12 CVE-2021-20650 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Ncc-Ewf100Rmwh2 Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
elecom CWE-352
4.3
2021-02-12 CVE-2021-20647 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-S Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
elecom CWE-352
4.3
2021-02-12 CVE-2021-20646 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-A Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
elecom CWE-352
4.3