Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2021-04-02 CVE-2021-22202 Cross-Site Request Forgery (CSRF) vulnerability in GitLab
An issue has been discovered in GitLab CE/EE affecting all previous versions.
network
low complexity
gitlab CWE-352
4.3
2021-04-01 CVE-2021-25924 Cross-Site Request Forgery (CSRF) vulnerability in Thoughtworks GoCD
In GoCD, versions 19.6.0 to 21.1.0 are vulnerable to Cross-Site Request Forgery due to missing CSRF protection at the `/go/api/config/backup` endpoint.
network
low complexity
thoughtworks CWE-352
8.8
2021-04-01 CVE-2021-26071 Cross-Site Request Forgery (CSRF) vulnerability in Atlassian products
The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from version 8.6.0 before version 8.13.5, and from version 8.14.0 before version 8.15.1 allows remote anonymous attackers to enable and disable Jira Software configuration via a cross-site request forgery (CSRF) vulnerability.
network
low complexity
atlassian CWE-352
3.5
2021-03-31 CVE-2021-29349 Cross-Site Request Forgery (CSRF) vulnerability in Mahara 20.10
Mahara 20.10 is affected by Cross Site Request Forgery (CSRF) that allows a remote attacker to remove inbox-mail on the server.
network
low complexity
mahara CWE-352
6.5
2021-03-30 CVE-2021-21638 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Team Foundation Server
A cross-site request forgery (CSRF) vulnerability in Jenkins Team Foundation Server Plugin 5.157.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
2021-03-30 CVE-2021-21633 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track
A cross-site request forgery (CSRF) vulnerability in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
2021-03-30 CVE-2021-21629 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Build With Parameters
A cross-site request forgery (CSRF) vulnerability in Jenkins Build With Parameters Plugin 1.5 and earlier allows attackers to build a project with attacker-specified parameters.
network
low complexity
jenkins CWE-352
8.8
2021-03-30 CVE-2020-19639 Cross-Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera Firmware 1.9.7B
Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B, via all fields to WebUI.
network
low complexity
insma CWE-352
8.8
2021-03-24 CVE-2020-36283 Cross-Site Request Forgery (CSRF) vulnerability in HID Global OMNIKEY 5127 Firmware and OMNIKEY 5427 Firmware
HID OMNIKEY 5427 and OMNIKEY 5127 readers are vulnerable to CSRF when using the EEM driver (Ethernet Emulation Mode).
network
low complexity
hidglobal CWE-352
8.8
2021-03-18 CVE-2021-26216 Cross-Site Request Forgery (CSRF) vulnerability in SeedDMS
SeedDMS 5.1.x is affected by cross-site request forgery (CSRF) in out.EditFolder.php.
network
low complexity
seeddms CWE-352
4.3