Vulnerabilities > Cross-Site Request Forgery (CSRF)

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|
| 2020-10-21 | CVE-2020-3456 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 2.4(1.249) | A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. | cisco | CWE-352 | network, low complexity, 8.8 |
| 2020-10-20 | CVE-2020-5790 | Cross-Site Request Forgery (CSRF) vulnerability in Nagios XI 5.7.3 | Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | nagios | CWE-352 | network, low complexity, 6.5 |
| 2020-10-15 | CVE-2020-5642 | Cross-Site Request Forgery (CSRF) vulnerability in Onwebchat Live Chat - Live Support | Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | onwebchat | CWE-352 | network, low complexity, 8.8 |
| 2020-10-12 | CVE-2020-4773 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0 | A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated. | ibm | CWE-352 | network, low complexity, 6.5 |
| 2020-10-09 | CVE-2020-26912 | Cross-Site Request Forgery (CSRF) vulnerability in Netgear products | Certain NETGEAR devices are affected by CSRF. | netgear | CWE-352 | network, low complexity, 8.8 |
| 2020-10-09 | CVE-2020-26522 | Cross-Site Request Forgery (CSRF) vulnerability in Garfield Petshop Project Garfield Petshop 20201001 | A cross-site request forgery (CSRF) vulnerability in mod/user/act_user.php in Garfield Petshop through 2020-10-01 allows remote attackers to hijack the authentication of administrators for requests that create new administrative accounts. | garfield-petshop-project | CWE-352 | network, low complexity, 8.8 |
| 2020-10-08 | CVE-2020-26802 | Cross-Site Request Forgery (CSRF) vulnerability in Formalms 2.3.0.2 | forma.lms 2.3.0.2 is affected by Cross Site Request Forgery (CSRF) in formalms/appCore/index.php?r=lms/profile/show&ap=saveinfo via a GET request to change the admin email address in order to accomplish an account takeover. | formalms | CWE-352 | network, low complexity, 8.8 |
| 2020-10-08 | CVE-2020-2296 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shared Objects | A cross-site request forgery (CSRF) vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects. | jenkins | CWE-352 | network, low complexity, 4.3 |
| 2020-10-08 | CVE-2020-2295 | Cross-Site Request Forgery (CSRF) vulnerability in Barchart Maven Cascade Release | A cross-site request forgery (CSRF) vulnerability in Jenkins Maven Cascade Release Plugin 1.3.2 and earlier allows attackers to start cascade builds and layout builds, and reconfigure the plugin. | barchart | CWE-352 | network, low complexity, 6.5 |
| 2020-10-08 | CVE-2020-25263 | Cross-Site Request Forgery (CSRF) vulnerability in Pyrocms 3.7 | PyroCMS 3.7 is vulnerable to cross-site request forgery (CSRF) via the admin/addons/uninstall/anomaly.module.blocks URI: an arbitrary plugin will be deleted. | pyrocms | CWE-352 | network, low complexity, 7.1 |