Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-12 | CVE-2022-25754 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens products A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. | 8.8 |
| 2022-04-11 | CVE-2022-25614 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings. | 4.3 |
| 2022-04-11 | CVE-2022-25615 | Cross-Site Request Forgery (CSRF) vulnerability in Stylemixthemes Eroom - Zoom Meetings & Webinar Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. | 4.3 |
| 2022-04-11 | CVE-2021-32156 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Scheduled Cron Jobs feature. | 8.8 |
| 2022-04-11 | CVE-2021-32159 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 via the Upload and Download feature. | 8.8 |
| 2022-04-11 | CVE-2021-32162 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin 1.973 A Cross-site request forgery (CSRF) vulnerability exists in Webmin 1.973 through the File Manager feature. | 8.8 |
| 2022-04-08 | CVE-2022-26180 | Cross-Site Request Forgery (CSRF) vulnerability in Qdpm 9.2 qdPM 9.2 allows Cross-Site Request Forgery (CSRF) via the index.php/myAccount/update URI. | 8.8 |
| 2022-04-08 | CVE-2022-26588 | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 31.0.0.Os A Cross-Site Request Forgery (CSRF) in IceHrm 31.0.0.OS allows attackers to delete arbitrary users or achieve account takeover via the app/service.php URI. | 6.5 |
| 2022-04-08 | CVE-2020-4668 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-04-06 | CVE-2022-20774 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based interface of an affected system. | 8.1 |