Latest Cross-Site Request Forgery (CSRF) Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2020-09-15 CVE-2020-4526 Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Asset Management
IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
ibm
CWE-352
4.3
2020-09-11 CVE-2018-19948 Cross-Site Request Forgery (CSRF) vulnerability in Qnap Helpdesk
The vulnerability has been reported to affect earlier versions of Helpdesk.
network
qnap
CWE-352
4.3
2020-09-11 CVE-2020-25252 Cross-Site Request Forgery (CSRF) vulnerability in Hyland Onbase
An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000.
6.8
2020-09-10 CVE-2020-24739 Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0
A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account.
4.3
2020-09-09 CVE-2020-15789 Cross-Site Request Forgery (CSRF) vulnerability in Siemens Polarion Subversion Webclient
A vulnerability has been identified in Polarion Subversion Webclient (All versions).
5.8
2020-09-02 CVE-2020-23830 Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System 1.0
A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.
5.8
2020-09-01 CVE-2020-5776 Cross-Site Request Forgery (CSRF) vulnerability in Magmi Project Magmi
Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens.
6.8
2020-09-01 CVE-2020-25070 Cross-Site Request Forgery (CSRF) vulnerability in Usvn
USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature.
network
usvn
CWE-352
6.8
2020-09-01 CVE-2020-16208 Cross-Site Request Forgery (CSRF) vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).
network
redlion
CWE-352
critical
9.3
2020-09-01 CVE-2020-23836 Cross-Site Request Forgery (CSRF) vulnerability in Oswapp Warehouse Inventory System 20200810
A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory System (aka OSWA-INV) through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site.
6.8