Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-19 | CVE-2019-12437 | Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations, | 8.8 |
| 2020-02-19 | CVE-2019-12246 | Cross-Site Request Forgery (CSRF) vulnerability in Silverstripe SilverStripe through 4.3.3 allows a Denial of Service on flush and development URL tools. | 4.3 |
| 2020-02-18 | CVE-2020-9271 | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php. | 6.5 |
| 2020-02-18 | CVE-2020-9270 | Cross-Site Request Forgery (CSRF) vulnerability in Icehrm 26.2.0.Os ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php. | 8.8 |
| 2020-02-18 | CVE-2020-9267 | Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45 SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/xajax_server.php. | 6.5 |
| 2020-02-18 | CVE-2020-9266 | Cross-Site Request Forgery (CSRF) vulnerability in Soplanning 1.45 SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin password via process/xajax_server.php. | 6.5 |
| 2020-02-18 | CVE-2020-6844 | Cross-Site Request Forgery (CSRF) vulnerability in Topmanage OLK Webstore 2020 In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover admin and user accounts. | 8.8 |
| 2020-02-18 | CVE-2013-4227 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Persona Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type. | 8.8 |
| 2020-02-18 | CVE-2020-5530 | Cross-Site Request Forgery (CSRF) vulnerability in Realestateconnected Easy Property Listings Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2020-02-14 | CVE-2013-4792 | Cross-Site Request Forgery (CSRF) vulnerability in Prestashop PrestaShop before 1.4.11 allows logout CSRF. | 5.5 |