Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-11 | CVE-2020-29254 | Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 21.2 TikiWiki 21.2 allows templates to be edited without CSRF protection. | 8.8 |
| 2020-12-11 | CVE-2020-28838 | Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6 Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. | 3.5 |
| 2020-12-11 | CVE-2020-35135 | Cross-Site Request Forgery (CSRF) vulnerability in Infolific Ultimate Category Excluder The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF. | 8.8 |
| 2020-12-03 | CVE-2020-2321 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shelve Project A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project. | 8.1 |
| 2020-12-02 | CVE-2020-14369 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. | 6.3 |
| 2020-12-02 | CVE-2020-29458 | Cross-Site Request Forgery (CSRF) vulnerability in Textpattern 4.6.2 Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. | 8.8 |
| 2020-11-30 | CVE-2020-4127 | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a Login CSRF vulnerability. | 6.5 |
| 2020-11-30 | CVE-2020-17901 | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2 Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 |
| 2020-11-27 | CVE-2020-7780 | Cross-Site Request Forgery (CSRF) vulnerability in Softwaremill Akka-Http-Session This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. | 8.8 |
| 2020-11-26 | CVE-2020-26936 | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 8.8 |