Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2024-03-01 CVE-2023-28949 Cross-Site Request Forgery (CSRF) vulnerability in IBM products
IBM Engineering Requirements Management DOORS 9.7.2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
6.5
2024-02-15 CVE-2024-20718 Cross-Site Request Forgery (CSRF) vulnerability in Adobe Commerce 2.4.4/2.4.5/2.4.6
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by a Cross-Site Request Forgery (CSRF) vulnerability that could result in a Security feature bypass.
network
low complexity
adobe CWE-352
6.5
2024-02-11 CVE-2024-25417 Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/add_translation.php.
network
low complexity
flusity CWE-352
8.8
2024-02-11 CVE-2024-25418 Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/delete_menu.php.
network
low complexity
flusity CWE-352
8.8
2024-02-11 CVE-2024-25419 Cross-Site Request Forgery (CSRF) vulnerability in Flusity 2.33
flusity-CMS v2.33 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /core/tools/update_menu.php.
network
low complexity
flusity CWE-352
8.8
2024-02-09 CVE-2023-50349 Cross-Site Request Forgery (CSRF) vulnerability in Hcltech Sametime 11.6/12.0
Sametime is impacted by a Cross Site Request Forgery (CSRF) vulnerability.
network
low complexity
hcltech CWE-352
8.8
2024-02-09 CVE-2024-23319 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server 5.23.0
Mattermost Jira Plugin fails to protect against logout CSRF allowing an attacker to post a specially crafted message that would disconnect a user's Jira connection in Mattermost only by viewing the message.
network
low complexity
mattermost CWE-352
3.5
2024-02-09 CVE-2024-24819 Cross-Site Request Forgery (CSRF) vulnerability in Icinga Icingaweb2-Module-Incubator
icingaweb2-module-incubator is a working project of bleeding edge Icinga Web 2 libraries.
network
low complexity
icinga CWE-352
8.8
2024-02-09 CVE-2024-24820 Cross-Site Request Forgery (CSRF) vulnerability in Icinga
Icinga Director is a tool designed to make Icinga 2 configuration handling easy.
network
low complexity
icinga CWE-352
8.3
2024-02-08 CVE-2023-47020 Cross-Site Request Forgery (CSRF) vulnerability in Ncratleos Terminal Handler 1.5.1
Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group.
network
low complexity
ncratleos CWE-352
8.8