Latest Cross-Site Request Forgery (CSRF) Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-15 | CVE-2020-4526 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | |
| 2020-09-11 | CVE-2018-19948 | Cross-Site Request Forgery (CSRF) vulnerability in Qnap Helpdesk The vulnerability have been reported to affect earlier versions of Helpdesk. | |
| 2020-09-11 | CVE-2020-25252 | Cross-Site Request Forgery (CSRF) vulnerability in Hyland Onbase An issue was discovered in Hyland OnBase through 18.0.0.32 and 19.x through 19.8.9.1000. | |
| 2020-09-10 | CVE-2020-24739 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.0 A CSRF vulnerability was found in iCMS v7.0.0 in the background deletion administrator account. | |
| 2020-09-09 | CVE-2020-15789 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens Polarion Subversion Webclient A vulnerability has been identified in Polarion Subversion Webclient (All versions). | |
| 2020-09-02 | CVE-2020-23830 | Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System 1.0 A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site. | |
| 2020-09-01 | CVE-2020-5776 | Cross-Site Request Forgery (CSRF) vulnerability in Magmi Project Magmi Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. | |
| 2020-09-01 | CVE-2020-25070 | Cross-Site Request Forgery (CSRF) vulnerability in Usvn USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature. | |
| 2020-09-01 | CVE-2020-16208 | Cross-Site Request Forgery (CSRF) vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions). | |
| 2020-09-01 | CVE-2020-23836 | Cross-Site Request Forgery (CSRF) vulnerability in Oswapp Warehouse Inventory System 20200810 A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory System (aka OSWA-INV) through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site. |