Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-13 | CVE-2022-46059 | Cross-Site Request Forgery (CSRF) vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF). | 6.5 |
| 2022-12-12 | CVE-2022-3853 | Cross-Site Request Forgery (CSRF) vulnerability in Supra-Csv-Parser Project Supra-Csv-Parser 4.0.3 Cross-site Scripting (XSS) is a client-side code injection attack. | 5.4 |
| 2022-12-12 | CVE-2022-45980 | Cross-Site Request Forgery (CSRF) vulnerability in Tenda Ax12 Firmware 22.03.01.21Cn Tenda AX12 V22.03.01.21_CN was discovered to contain a Cross-Site Request Forgery (CSRF) via /goform/SysToolRestoreSet . | 8.8 |
| 2022-12-12 | CVE-2022-41296 | Cross-Site Request Forgery (CSRF) vulnerability in IBM DB2 and DB2 Warehouse IBM Db2U 3.5, 4.0, and 4.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-12-12 | CVE-2022-46688 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Sonar Gerrit A cross-site request forgery (CSRF) vulnerability in Jenkins Sonar Gerrit Plugin 377.v8f3808963dc5 and earlier allows attackers to have Jenkins connect to Gerrit servers (previously configured by Jenkins administrators) using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins. | 6.5 |
| 2022-12-12 | CVE-2022-45228 | Cross-Site Request Forgery (CSRF) vulnerability in Dragino Lg01 Lora Firmware 4.3.4 Dragino Lora LG01 18ed40 IoT v4.3.4 was discovered to contain a Cross-Site Request Forgery in the logout page. | 3.5 |
| 2022-12-10 | CVE-2022-4397 | Cross-Site Request Forgery (CSRF) vulnerability in Zend-Blog-2 Project Zend-Blog-2 A vulnerability was found in morontt zend-blog-number-2. | 6.5 |
| 2022-12-08 | CVE-2022-4349 | Cross-Site Request Forgery (CSRF) vulnerability in PWN Project PWN A vulnerability classified as problematic has been found in CTF-hacker pwn. | 6.8 |
| 2022-12-07 | CVE-2022-41622 | Cross-Site Request Forgery (CSRF) vulnerability in F5 products In all versions, BIG-IP and BIG-IQ are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | 8.8 |
| 2022-12-07 | CVE-2022-44849 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 7.7 A Cross-Site Request Forgery (CSRF) in the Administrator List of MetInfo v7.7 allows attackers to arbitrarily add Super Administrator account. | 8.8 |