Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-23 | CVE-2021-31584 | Cross-Site Request Forgery (CSRF) vulnerability in Sipwise Next Generation Communication Platform 3.6.4 Sipwise C5 NGCP www_csc version 3.6.4 up to and including platform NGCP CE mr3.8.13 allows call/click2dial CSRF attacks for actions with administrative privileges. | 8.8 |
| 2021-04-21 | CVE-2021-21644 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Config File Provider A cross-site request forgery (CSRF) vulnerability in Jenkins Config File Provider Plugin 3.7.0 and earlier allows attackers to delete configuration files corresponding to an attacker-specified ID. | 5.4 |
| 2021-04-14 | CVE-2021-27181 | Cross-Site Request Forgery (CSRF) vulnerability in Altn Mdaemon An issue was discovered in MDaemon before 20.0.4. | 8.8 |
| 2021-04-14 | CVE-2021-31152 | Cross-Site Request Forgery (CSRF) vulnerability in Multilaser Ac1200 Re018 Firmware V02.03.01.45Pt Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. | 8.8 |
| 2021-04-13 | CVE-2021-21731 | Cross-Site Request Forgery (CSRF) vulnerability in ZTE Zxcloud Irai Firmware A CSRF vulnerability exists in the management page of a ZTE product.The vulnerability is caused because the management page does not fully verify whether the request comes from a trusted user. | 8.1 |
| 2021-04-13 | CVE-2021-29054 | Cross-Site Request Forgery (CSRF) vulnerability in Papoo 21.02/6.0.1 Certain Papoo products are affected by: Cross Site Request Forgery (CSRF) in the admin interface. | 8.8 |
| 2021-04-12 | CVE-2021-24230 | Cross-Site Request Forgery (CSRF) vulnerability in Patreon Wordpress The Jetpack Scan team identified a Cross-Site Request Forgery vulnerability in the Patreon WordPress plugin before 1.7.0, allowing attackers to make a logged in user overwrite or create arbitrary user metadata on the victim’s account once visited. | 8.1 |
| 2021-04-09 | CVE-2021-25326 | Cross-Site Request Forgery (CSRF) vulnerability in Skyworthdigital Rn510 Firmware 3.1.0.4 Skyworth Digital Technology RN510 V.3.1.0.4 is affected by an incorrect access control vulnerability in/cgi-bin/test_version.asp. | 5.4 |
| 2021-04-09 | CVE-2020-21884 | Cross-Site Request Forgery (CSRF) vulnerability in Indionetworks products Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users, /list_byod?usertype=raduser, /dhcp_leases, /go?rid=202 in which a specially crafted HTTP request may reconfigure the device. | 8.8 |
| 2021-04-08 | CVE-2021-22512 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Application Automation Tools Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. | 6.5 |