Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-03-02 CVE-2021-27885 Cross-Site Request Forgery (CSRF) vulnerability in E107
usersettings.php in e107 through 2.3.0 lacks a certain e_TOKEN protection mechanism.
network
low complexity
e107 CWE-352
8.8
8.8
2021-02-24 CVE-2021-21620 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Claim
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.
network
low complexity
jenkins CWE-352
4.3
4.3
2021-02-24 CVE-2021-21617 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Configuration Slicing
A cross-site request forgery (CSRF) vulnerability in Jenkins Configuration Slicing Plugin 1.51 and earlier allows attackers to apply different slice configurations.
network
low complexity
jenkins CWE-352
8.8
8.8
2021-02-19 CVE-2020-27997 Cross-Site Request Forgery (CSRF) vulnerability in Smartstore Smartstorenet
An issue was discovered in SmartStoreNET before 4.1.0.
network
low complexity
smartstore CWE-352
8.8
8.8
2021-02-19 CVE-2021-26296 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens.
network
high complexity
apache netapp CWE-352
7.5
7.5
2021-02-19 CVE-2020-36247 Cross-Site Request Forgery (CSRF) vulnerability in OSC Open Ondemand
Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF.
network
low complexity
osc CWE-352
8.8
8.8
2021-02-16 CVE-2021-20073 Cross-Site Request Forgery (CSRF) vulnerability in Racom M!Dge Firmware 4.4.40.105
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.
network
low complexity
racom CWE-352
8.8
8.8
2021-02-12 CVE-2021-20650 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Ncc-Ewf100Rmwh2 Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM NCC-EWF100RMWH2 allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
low complexity
elecom CWE-352
6.5
6.5
2021-02-12 CVE-2021-20647 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-S Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-S allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
low complexity
elecom CWE-352
6.5
6.5
2021-02-12 CVE-2021-20646 Cross-Site Request Forgery (CSRF) vulnerability in Elecom Wrc-300Febk-A Firmware
Cross-site request forgery (CSRF) vulnerability in ELECOM WRC-300FEBK-A allows remote attackers to hijack the authentication of administrators and execute an arbitrary request via unspecified vector.
network
low complexity
elecom CWE-352
6.5
6.5