Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-17 | CVE-2020-8461 | Cross-Site Request Forgery (CSRF) vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token. | 8.8 |
| 2020-12-17 | CVE-2020-25095 | Cross-Site Request Forgery (CSRF) vulnerability in Logrhythm Platform Manager 7.4.9 LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. | 8.8 |
| 2020-12-16 | CVE-2020-4904 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.2.4 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.5 |
| 2020-12-16 | CVE-2020-28931 | Cross-Site Request Forgery (CSRF) vulnerability in Epson EPS TSE Server 8 Firmware 21.0.11 Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by visiting a malicious website. | 8.8 |
| 2020-12-16 | CVE-2019-14481 | Cross-Site Request Forgery (CSRF) vulnerability in Adremsoft Netcrunch 10.6.0.4587 AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client. | 5.4 |
| 2020-12-16 | CVE-2020-25622 | Cross-Site Request Forgery (CSRF) vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. | 8.8 |
| 2020-12-14 | CVE-2020-8282 | Cross-Site Request Forgery (CSRF) vulnerability in UI products A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution. | 8.8 |
| 2020-12-14 | CVE-2020-28858 | Cross-Site Request Forgery (CSRF) vulnerability in Openasset Digital Asset Management OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forgery attacks on all user functions. | 8.8 |
| 2020-12-11 | CVE-2020-29254 | Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 21.2 TikiWiki 21.2 allows templates to be edited without CSRF protection. | 8.8 |
| 2020-12-11 | CVE-2020-28838 | Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6 Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. | 3.5 |