Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2020-06-23 CVE-2020-13155 Cross-Site Request Forgery (CSRF) vulnerability in Nukeviet 4.4
clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.
network
low complexity
nukeviet CWE-352
8.8
8.8
2020-06-22 CVE-2020-13426 Cross-Site Request Forgery (CSRF) vulnerability in Bdtask Multi-Scheduler 1.0.0
The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known.
network
low complexity
bdtask CWE-352
6.5
6.5
2020-06-22 CVE-2020-14203 Cross-Site Request Forgery (CSRF) vulnerability in IBI Webfocus Business Intelligence 8.0
WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against administrative users within the /ibi_apps/WFServlet(.ibfs) endpoint.
network
low complexity
ibi CWE-352
8.8
8.8
2020-06-19 CVE-2019-20891 Cross-Site Request Forgery (CSRF) vulnerability in Woocommerce
WooCommerce before 3.6.5, when it handles CSV imports of products, has a cross-site request forgery (CSRF) issue with resultant stored cross-site scripting (XSS) via includes/admin/importers/class-wc-product-csv-importer-controller.php.
network
low complexity
woocommerce CWE-352
8.8
8.8
2020-06-19 CVE-2016-11084 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 2.1.0.
network
low complexity
mattermost CWE-352
6.1
6.1
2020-06-19 CVE-2017-18903 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 4.0.0, 3.10.2, and 3.9.2.
network
low complexity
mattermost CWE-352
8.8
8.8
2020-06-19 CVE-2020-8167 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
network
low complexity
rubyonrails debian CWE-352
6.5
6.5
2020-06-19 CVE-2019-20865 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 5.12.0, 5.11.1, 5.10.2, 5.9.2, and 4.10.10.
network
low complexity
mattermost CWE-352
8.8
8.8
2020-06-19 CVE-2019-20841 Cross-Site Request Forgery (CSRF) vulnerability in Mattermost Server
An issue was discovered in Mattermost Server before 5.18.0, 5.17.2, 5.16.4, 5.15.4, and 5.9.7.
network
low complexity
mattermost CWE-352
8.8
8.8
2020-06-18 CVE-2020-14432 Cross-Site Request Forgery (CSRF) vulnerability in Netgear products
Certain NETGEAR devices are affected by CSRF.
network
low complexity
netgear CWE-352
8.8
8.8