Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-02-12 | CVE-2020-1977 | Cross-Site Request Forgery (CSRF) vulnerability in Paloaltonetworks Expedition Migration Tool Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. | 8.8 |
| 2020-02-12 | CVE-2020-2116 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Pipeline Github Notify Step A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.8 |
| 2020-02-12 | CVE-2019-20100 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). | 4.7 |
| 2020-02-12 | CVE-2019-20099 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). | 4.3 |
| 2020-02-12 | CVE-2019-20098 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). | 4.3 |
| 2020-02-11 | CVE-2012-6721 | Cross-Site Request Forgery (CSRF) vulnerability in Socialengine 4.2.2 Multiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4. | 6.3 |
| 2020-02-10 | CVE-2019-19668 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html. | 4.3 |
| 2020-02-10 | CVE-2019-19669 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. | 6.5 |
| 2020-02-10 | CVE-2019-19667 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html. | 5.4 |
| 2020-02-10 | CVE-2019-19666 | Cross-Site Request Forgery (CSRF) vulnerability in Maxum Rumpus FTP 8.2.9.1 A CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. | 4.3 |