Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-13 | CVE-2020-7304 | Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Data Loss Prevention Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label. | 7.6 |
| 2020-08-12 | CVE-2020-2237 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Flaky Test Handler A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision. | 4.3 |
| 2020-08-12 | CVE-2020-2235 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Pipeline Maven Integration A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows attackers to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins. | 6.5 |
| 2020-08-11 | CVE-2020-7029 | Cross-Site Request Forgery (CSRF) vulnerability in Avaya Aura Communication Manager and Aura Messaging A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. | 8.8 |
| 2020-08-10 | CVE-2020-12781 | Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery. | 8.8 |
| 2020-08-05 | CVE-2020-16253 | Cross-Site Request Forgery (CSRF) vulnerability in Pghero Project Pghero The PgHero gem through 2.6.0 for Ruby allows CSRF. | 8.1 |
| 2020-08-05 | CVE-2020-16252 | Cross-Site Request Forgery (CSRF) vulnerability in Field Test Project Field Test The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF. | 4.3 |
| 2020-08-04 | CVE-2020-15135 | Cross-Site Request Forgery (CSRF) vulnerability in Save-Server Project Save-Server 1.0.3/1.0.4 save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). | 7.6 |
| 2020-08-04 | CVE-2020-5615 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2020-08-03 | CVE-2020-5770 | Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.01 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |