Vulnerabilities > Cross-Site Request Forgery (CSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2022-08-02 | CVE-2022-36968 | Cross-Site Request Forgery (CSRF) vulnerability in Progress Ipswitch WS FTP Server | In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks. | network | low | progress | CWE-352 | 4.3 |
| 2022-08-01 | CVE-2022-34161 | Cross-Site Request Forgery (CSRF) vulnerability in IBM CICS TX 11.1 | IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | network | low | ibm | CWE-352 | 8.8 |
| 2022-08-01 | CVE-2022-26309 | Cross-Site Request Forgery (CSRF) vulnerability in Pandorafms Pandora FMS | Pandora FMS v7.0NG.759 allows Cross-Site Request Forgery in Bulk operation (User operation) resulting in elevation of privilege to Administrator group. | network | low | pandorafms | CWE-352 | 8.8 |
| 2022-07-27 | CVE-2022-36882 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Git | A cross-site request forgery (CSRF) vulnerability in Jenkins Git Plugin 4.11.3 and earlier allows attackers to trigger builds of jobs configured to use an attacker-specified Git repository and to cause them to check out an attacker-specified commit. | network | low | jenkins | CWE-352 | 8.8 |
| 2022-07-27 | CVE-2022-36886 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins External Monitor Job Type | A cross-site request forgery (CSRF) vulnerability in Jenkins External Monitor Job Type Plugin 191.v363d0d1efdf8 and earlier allows attackers to create runs of an external job. | network | low | jenkins | CWE-352 | 4.3 |
| 2022-07-27 | CVE-2022-36887 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Job Configuration History | A cross-site request forgery (CSRF) vulnerability in Jenkins Job Configuration History Plugin 1155.v28a_46a_cc06a_5 and earlier allows attackers to delete entries from job, agent, and system configuration history, or restore older versions of job, agent, and system configurations. | network | low | jenkins | CWE-352 | 4.3 |
| 2022-07-27 | CVE-2022-36906 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins OpenShift Deployer | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. | network | low | jenkins | CWE-352 | 6.5 |
| 2022-07-27 | CVE-2022-36908 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins OpenShift Deployer | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload an SSH key file from the Jenkins controller file system to an attacker-specified URL. | network | low | jenkins | CWE-352 | 6.5 |
| 2022-07-27 | CVE-2022-36911 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Openstack Heat 1.5 | A cross-site request forgery (CSRF) vulnerability in Jenkins Openstack Heat Plugin 1.5 and earlier allows attackers to connect to an attacker-specified URL. | network | low | jenkins | CWE-352 | 6.5 |
| 2022-07-27 | CVE-2022-36916 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Google Cloud Backup 0.6 | A cross-site request forgery (CSRF) vulnerability in Jenkins Google Cloud Backup Plugin 0.6 and earlier allows attackers to request a manual backup. | network | low | jenkins | CWE-352 | 8.0 |