Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2020-21126 | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 7.0.0 MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo. | 8.8 |
| 2021-09-15 | CVE-2020-19159 | Cross-Site Request Forgery (CSRF) vulnerability in Laiketui 3.0 Cross Site Request Forgery (CSRF) in LaikeTui v3 allows remote attackers to execute arbitrary code via the component '/index.php?module=member&action=add'. | 8.8 |
| 2021-09-14 | CVE-2021-23026 | Cross-Site Request Forgery (CSRF) vulnerability in F5 products BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x and all versions of BIG-IQ 8.x, 7.x, and 6.x are vulnerable to cross-site request forgery (CSRF) attacks through iControl SOAP. | 8.8 |
| 2021-09-14 | CVE-2020-21081 | Cross-Site Request Forgery (CSRF) vulnerability in Maccms 8.0 A cross-site request forgery (CSRF) in Maccms 8.0 causes administrators to add and modify articles without their knowledge via clicking on a crafted URL. | 6.5 |
| 2021-09-14 | CVE-2021-39124 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Data Center and Jira The Cross-Site Request Forgery (CSRF) failure retry feature of Atlassian Jira Server and Data Center before version 8.16.0 allows remote attackers who are able to trick a user into retrying a request to bypass CSRF protection and replay a crafted request. | 4.3 |
| 2021-09-13 | CVE-2020-20671 | Cross-Site Request Forgery (CSRF) vulnerability in Kitesky Kitecms 1.1 A cross-site request forgery (CSRF) in KiteCMS V1.1 allows attackers to arbitrarily add an administrator account. | 8.8 |
| 2021-09-13 | CVE-2021-24491 | Cross-Site Request Forgery (CSRF) vulnerability in Fileviewer Project Fileviewer 2.2 The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. | 8.8 |
| 2021-09-09 | CVE-2020-19280 | Cross-Site Request Forgery (CSRF) vulnerability in Jeesns 1.4.2 Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations. | 8.8 |
| 2021-09-09 | CVE-2020-19263 | Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1 A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit. | 8.8 |
| 2021-09-09 | CVE-2020-19264 | Cross-Site Request Forgery (CSRF) vulnerability in Mipcms 5.0.1 A cross-site request forgery (CSRF) in MipCMS v5.0.1 allows attackers to arbitrarily add users via index.php?s=/user/ApiAdminUser/itemAdd. | 6.5 |