Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-03-30 CVE-2021-21633 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Owasp Dependency-Track
A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2021-03-30 CVE-2021-21629 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build With Parameters
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters.
network
low complexity
jenkins CWE-352
8.8
8.8
2021-03-30 CVE-2020-19639 Cross-Site Request Forgery (CSRF) vulnerability in Insma Wifi Mini SPY 1080P HD Security IP Camera Firmware 1.9.7B
Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI.
network
low complexity
insma CWE-352
8.8
8.8
2021-03-24 CVE-2020-36283 Cross-Site Request Forgery (CSRF) vulnerability in Hidglobal Omnikey 5127 Firmware and Omnikey 5427 Firmware
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode).
network
low complexity
hidglobal CWE-352
8.8
8.8
2021-03-18 CVE-2021-26216 Cross-Site Request Forgery (CSRF) vulnerability in Seeddms
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
network
low complexity
seeddms CWE-352
4.3
4.3
2021-03-18 CVE-2021-26215 Cross-Site Request Forgery (CSRF) vulnerability in Seeddms
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditDocument.php.
network
low complexity
seeddms CWE-352
4.3
4.3
2021-03-18 CVE-2021-24133 Cross-Site Request Forgery (CSRF) vulnerability in Activecampaign
Lack of CSRF checks in the ActiveCampaign WordPress plugin, versions before 8.0.2, on its Settings form, which could allow attacker to make a logged-in administrator change API Credentials to attacker's account.
network
low complexity
activecampaign CWE-352
4.3
4.3
2021-03-18 CVE-2021-21627 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Libvirt Agents
A cross-site request forgery (CSRF) vulnerability in Jenkins Libvirt Agents Plugin 1.9.0 and earlier allows attackers to stop hypervisor domains.
network
low complexity
jenkins CWE-352
8.8
8.8
2021-03-15 CVE-2020-29553 Cross-Site Request Forgery (CSRF) vulnerability in Getgrav Grav CMS
The Scheduler in Grav CMS through 1.7.0-rc.17 allows an attacker to execute a system command by tricking an admin into visiting a malicious website (CSRF).
network
low complexity
getgrav CWE-352
8.8
8.8
2021-03-15 CVE-2020-24982 Cross-Site Request Forgery (CSRF) vulnerability in Quadbase Espressdashboard 7.0
An issue was discovered in Quadbase ExpressDashboard (EDAB) 7 Update 9.
network
low complexity
quadbase CWE-352
4.3
4.3