Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-30 | CVE-2021-20783 | Cross-Site Request Forgery (CSRF) vulnerability in Softbank Optical BB Unit E-Wmta Firmware 2.3 Cross-site request forgery (CSRF) vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page. | 8.8 |
| 2021-07-30 | CVE-2021-20786 | Cross-Site Request Forgery (CSRF) vulnerability in Groupsession products Cross-site request forgery (CSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to hijack the authentication of administrators via a specially crafted URL. | 4.3 |
| 2021-07-21 | CVE-2021-32776 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop is a web based IT Service Management tool. | 8.8 |
| 2021-07-21 | CVE-2021-21407 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop is an open source, web based IT Service Management tool. | 6.5 |
| 2021-07-21 | CVE-2021-34619 | Cross-Site Request Forgery (CSRF) vulnerability in Storeapps Stock Manager for Woocommerce The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file. | 8.8 |
| 2021-07-20 | CVE-2020-15660 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Geckodriver Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution. | 8.8 |
| 2021-07-20 | CVE-2021-32774 | Cross-Site Request Forgery (CSRF) vulnerability in Miraheze Datadump DataDump is a MediaWiki extension that provides dumps of wikis. | 5.4 |
| 2021-07-16 | CVE-2020-4675 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Infosphere Master Data Management Server 11.6 IBM InfoSphere Master Data Management Server 11.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2021-07-14 | CVE-2020-18151 | Cross-Site Request Forgery (CSRF) vulnerability in Thinkcmf 5.1.0 Cross Site Request Forgery (CSRF) vulnerability in ThinkCMF v5.1.0, which can add an admin account. | 6.5 |
| 2021-07-14 | CVE-2020-27379 | Cross-Site Request Forgery (CSRF) vulnerability in Bookingcore Booking Core 1.7.0 Cross Site Request Forgery (CSRF) vulnerability in Booking Core - Ultimate Booking System Booking Core 1.7.0 . | 6.5 |