Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2022-03-29 CVE-2022-28152 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins JOB and Node Ownership
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job.
network
low complexity
jenkins CWE-352
4.3
4.3
2022-03-28 CVE-2022-0427 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
Missing sanitization of HTML attributes in Jupyter notebooks in all versions of GitLab CE/EE since version 14.5 allows an attacker to perform arbitrary HTTP POST requests on a user's behalf leading to potential account takeover
network
low complexity
gitlab CWE-352
8.8
8.8
2022-03-25 CVE-2022-25523 Cross-Site Request Forgery (CSRF) vulnerability in Typesettercms Typesetter 5.1
TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request.
network
low complexity
typesettercms CWE-352
8.8
8.8
2022-03-24 CVE-2022-25576 Cross-Site Request Forgery (CSRF) vulnerability in Anchorcms Anchor CMS 0.12.7
Anchor CMS v0.12.7 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component anchor/routes/posts.php.
network
low complexity
anchorcms CWE-352
4.5
4.5
2022-03-23 CVE-2022-25268 Cross-Site Request Forgery (CSRF) vulnerability in Passwork
Passwork On-Premise Edition before 4.6.13 allows CSRF via the groups, password, and history subsystems.
network
low complexity
passwork CWE-352
8.8
8.8
2022-03-23 CVE-2022-25608 Cross-Site Request Forgery (CSRF) vulnerability in Yooslider YOO Slider
Cross-Site Request Forgery (CSRF) in Yoo Slider – Image Slider & Video Slider (WordPress plugin) allows attackers to trick authenticated users into unwanted slider duplicate or delete action.
network
low complexity
yooslider CWE-352
5.4
5.4
2022-03-23 CVE-2021-43737 Cross-Site Request Forgery (CSRF) vulnerability in Xiaohuanxiong Project Xiaohuanxiong CMS 5.0.17
An issus was discovered in xiaohuanxiong CMS 5.0.17.
network
low complexity
xiaohuanxiong-project CWE-352
6.5
6.5
2022-03-23 CVE-2021-43738 Cross-Site Request Forgery (CSRF) vulnerability in Xiaohuanxiong CMS Project Xiaohuanxiong CMS 5.0.17
An issue was discovered in xiaohuanxiong CMS 5.0.17.
network
low complexity
xiaohuanxiong-cms-project CWE-352
8.8
8.8
2022-03-21 CVE-2021-40662 Cross-Site Request Forgery (CSRF) vulnerability in Chamilo 1.11.14
A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows attackers to execute arbitrary commands on victim hosts via user interaction with a crafted URL.
network
low complexity
chamilo CWE-352
8.8
8.8
2022-03-21 CVE-2022-23349 Cross-Site Request Forgery (CSRF) vulnerability in Bigantsoft Bigant Server 5.6.06
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
network
low complexity
bigantsoft CWE-352
8.8
8.8