Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-03-01 | CVE-2023-28949 | Cross-Site Request Forgery (CSRF) vulnerability in IBM products IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
2024-02-15 | CVE-2024-20718 | Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6 Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass. | 6.5 |
2024-02-11 | CVE-2024-25417 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php. | 8.8 |
2024-02-11 | CVE-2024-25418 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php. | 8.8 |
2024-02-11 | CVE-2024-25419 | Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33 flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php. | 8.8 |
2024-02-09 | CVE-2023-50349 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0 Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability. | 8.8 |
2024-02-09 | CVE-2024-23319 | Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server 5.23.0 Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message. | 3.5 |
2024-02-09 | CVE-2024-24819 | Cross-Site Request Forgery (CSRF) vulnerability in Icinga Icingaweb2-Module-Incubator icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries. | 8.8 |
2024-02-09 | CVE-2024-24820 | Cross-Site Request Forgery (CSRF) vulnerability in Icinga Icinga Director is a tool designed to make Icinga 2 configuration handling easy. | 8.3 |
2024-02-08 | CVE-2023-47020 | Cross-Site Request Forgery (CSRF) vulnerability in Ncratleos Terminal Handler 1.5.1 Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. | 8.8 |