Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2021-05-24	CVE-2020-25411	Cross-Site Request Forgery (CSRF) vulnerability in Online Examination System Project Online Examination System 1.0 Projectworlds Online Examination System 1.0 is vulnerable to CSRF, which allows a remote attacker to delete the existing user. network low complexity online-examination-system-project CWE-352	6.5
2021-05-21	CVE-2021-21549	Cross-Site Request Forgery (CSRF) vulnerability in Dell Xtremio Management Server 6.3.0 Dell EMC XtremIO Versions prior to 6.3.3-8, contain a Cross-Site Request Forgery Vulnerability in XMS. network low complexity dell CWE-352	8.8
2021-05-20	CVE-2021-32632	Cross-Site Request Forgery (CSRF) vulnerability in Pajbot Pajbot is a Twitch chat bot. network low complexity pajbot CWE-352	4.3
2021-05-20	CVE-2021-25931	Cross-Site Request Forgery (CSRF) vulnerability in Opennms Horizon and Meridian In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection at `/opennms/admin/userGroupView/users/updateUser`. network low complexity opennms CWE-352	8.8
2021-05-20	CVE-2021-25930	Cross-Site Request Forgery (CSRF) vulnerability in Opennms Horizon and Meridian In OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.6-1 are vulnerable to CSRF, due to no CSRF protection, and since there is no validation of an existing user name while renaming a user. network low complexity opennms CWE-352	4.3
2021-05-19	CVE-2021-29624	Cross-Site Request Forgery (CSRF) vulnerability in Fastify Fastify-Csrf fastify-csrf is an open-source plugin helps developers protect their Fastify server against CSRF attacks. network low complexity fastify CWE-352	6.5
2021-05-18	CVE-2020-24740	Cross-Site Request Forgery (CSRF) vulnerability in Pluck-Cms Pluck 4.7.10 An issue was discovered in Pluck 4.7.10-dev2. network low complexity pluck-cms CWE-352	4.3
2021-05-17	CVE-2020-18195	Cross-Site Request Forgery (CSRF) vulnerability in Pluck-Cms Pluck 4.7.9 Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete a specific article via the component " /admin.php?action=page." network low complexity pluck-cms CWE-352	8.8
2021-05-17	CVE-2020-18198	Cross-Site Request Forgery (CSRF) vulnerability in Pluck-Cms Pluck 4.7.9 Cross Site Request Forgery (CSRF) in Pluck CMS v4.7.9 allows remote attackers to execute arbitrary code and delete specific images via the component " /admin.php?action=images." network low complexity pluck-cms CWE-352	8.8
2021-05-17	CVE-2021-32402	Cross-Site Request Forgery (CSRF) vulnerability in Intelbras RF 301K Firmware 1.1.2 Intelbras Router RF 301K Firmware 1.1.2 is vulnerable to Cross Site Request Forgery (CSRF) due to lack of validation and insecure configurations in inputs and modules. network low complexity intelbras CWE-352	8.8