Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-07-27 CVE-2022-36906 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Openshift Deployer
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password.
network
low complexity
jenkins CWE-352
6.5
6.5
2022-07-27 CVE-2022-36908 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Openshift Deployer
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL.
network
low complexity
jenkins CWE-352
6.5
6.5
2022-07-27 CVE-2022-36911 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Openstack Heat 1.5
A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL.
network
low complexity
jenkins CWE-352
6.5
6.5
2022-07-27 CVE-2022-36916 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Google Cloud Backup 0.6
A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup.
network
low complexity
jenkins CWE-352
8.0
8.0
2022-07-27 CVE-2022-36920 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Coverity
A cross-site request forgery (CSRF) vulnerability in Jenkins Coverity Plugin 1.11.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-07-26 CVE-2022-35286 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2022-07-25 CVE-2022-35285 Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Verify Information Queue 10.0.2
IBM Security Verify Information Queue 10.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
network
low complexity
ibm CWE-352
8.8
8.8
2022-07-25 CVE-2021-40335 Cross-Site Request Forgery (CSRF) vulnerability in Hitachienergy Modular Switchgear Monitoring Firmware 2.1.0/2.2.0
A vulnerability exists in the HTTP web interface where the web interface does not sufficiently verify if a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
network
low complexity
hitachienergy CWE-352
8.8
8.8
2022-07-21 CVE-2022-20861 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Nexus Dashboard
Multiple vulnerabilities in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to execute arbitrary commands, read or upload container image files, or perform a cross-site request forgery attack.
network
low complexity
cisco CWE-352
8.8
8.8
2022-07-21 CVE-2022-34367 Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Data Protection Central
Dell EMC Data Protection Central versions 19.1, 19.2, 19.3, 19.4, 19.5, 19.6, contain(s) a Cross-Site Request Forgery Vulnerability.
network
low complexity
dell CWE-352
8.8
8.8