Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-03-11 CVE-2020-24984 Cross-Site Request Forgery (CSRF) vulnerability in Quadbase Espressreports ES 7
An issue was discovered in Quadbase EspressReports ES 7 Update 9.
network
low complexity
quadbase CWE-352
8.8
8.8
2021-03-11 CVE-2020-24983 Cross-Site Request Forgery (CSRF) vulnerability in Quadbase Espressreports ES 7
An issue was discovered in Quadbase EspressReports ES 7 Update 9.
network
low complexity
quadbase CWE-352
8.8
8.8
2021-03-11 CVE-2020-14989 Cross-Site Request Forgery (CSRF) vulnerability in Bloomreach Experience Manager
An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2.
network
low complexity
bloomreach CWE-352
6.5
6.5
2021-03-10 CVE-2020-35223 Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs116E Firmware and Jgs516Pe Firmware
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
network
low complexity
netgear CWE-352
8.8
8.8
2021-03-10 CVE-2020-28705 Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4.13
FUEL CMS 1.4.13 contains a cross-site request forgery (CSRF) vulnerability that can delete a page via a post ID to /pages/delete/3.
network
low complexity
thedaylightstudio CWE-352
4.3
4.3
2021-03-08 CVE-2020-27574 Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus 8.2.13/8.2.14
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site request forgery (CSRF).
network
low complexity
maxum CWE-352
8.8
8.8
2021-03-05 CVE-2020-29030 Cross-Site Request Forgery (CSRF) vulnerability in Secomea Gatemanager Firmware
Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code.
network
low complexity
secomea CWE-352
8.8
8.8
2021-03-05 CVE-2021-26961 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-352
8.8
8.8
2021-03-05 CVE-2021-26960 Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Airwave
A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0.
network
low complexity
arubanetworks CWE-352
8.8
8.8
2021-03-03 CVE-2021-27927 Cross-Site Request Forgery (CSRF) vulnerability in Zabbix
In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism.
network
low complexity
zabbix CWE-352
8.8
8.8