Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-02-16 CVE-2022-25242 Cross-Site Request Forgery (CSRF) vulnerability in Filecloud
In FileCloud before 21.3, file upload is not protected against Cross-Site Request Forgery (CSRF).
network
low complexity
filecloud CWE-352
8.8
8.8
2022-02-15 CVE-2021-46252 Cross-Site Request Forgery (CSRF) vulnerability in Scratch-Wiki Scratch Confirmaccount V3
A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of Scratch Wiki scratch-confirmaccount-v3 allows attackers to modify account request requirement bypasses.
network
low complexity
scratch-wiki CWE-352
6.5
6.5
2022-02-15 CVE-2022-25192 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Snow Commander
A cross-site request forgery (CSRF) vulnerability in Jenkins Snow Commander Plugin 1.10 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25194 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Autonomiq
A cross-site request forgery (CSRF) vulnerability in Jenkins autonomiq Plugin 1.15 and earlier allows attackers to connect to an attacker-specified URL server using attacker-specified credentials.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25198 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins SCP Publisher 1.8
A cross-site request forgery (CSRF) vulnerability in Jenkins SCP publisher Plugin 1.8 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25200 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Checkmarx
A cross-site request forgery (CSRF) vulnerability in Jenkins Checkmarx Plugin 2022.1.2 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25205 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Dbcharts 0.4/0.5.2
A cross-site request forgery (CSRF) vulnerability in Jenkins dbCharts Plugin 0.5.2 and earlier allows attackers to connect to an attacker-specified database via JDBC using attacker-specified credentials and to determine if a class is available in the Jenkins instance.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25207 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Chef Sinatra
A cross-site request forgery (CSRF) vulnerability in Jenkins Chef Sinatra Plugin 1.20 and earlier allows attackers to have Jenkins send an HTTP request to an attacker-controlled URL and have it parse an XML response.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-25212 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Swamp
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials.
network
low complexity
jenkins CWE-352
8.8
8.8
2022-02-15 CVE-2022-23384 Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 6.3
YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add
network
low complexity
yzmcms CWE-352
8.8
8.8