Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-26 | CVE-2019-6030 | Cross-Site Request Forgery (CSRF) vulnerability in Custom Body Class Project Custom Body Class Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0.6.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2019-12-26 | CVE-2019-6027 | Cross-Site Request Forgery (CSRF) vulnerability in Wpspellcheck Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1.9 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2019-12-26 | CVE-2019-19981 | Cross-Site Request Forgery (CSRF) vulnerability in Icegram Email Subscribers & Newsletters The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin settings. | 5.4 |
| 2019-12-20 | CVE-2019-4736 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager for Multiplatform 3.0.0.0 IBM Financial Transaction Manager 3.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2019-12-20 | CVE-2019-4231 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 4.3 |
| 2019-12-20 | CVE-2018-1934 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cognos Business Intelligence 10.2.2 IBM Cognos Business Intelligence 10.2.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2019-12-19 | CVE-2019-17633 | Cross-Site Request Forgery (CSRF) vulnerability in Eclipse CHE For Eclipse Che versions 6.16 to 7.3.0, with both authentication and TLS disabled, visiting a malicious web site could trigger the start of an arbitrary Che workspace. | 8.8 |
| 2019-12-18 | CVE-2019-19833 | Cross-Site Request Forgery (CSRF) vulnerability in Tautulli 2.1.9 In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shut down the remote media server. | 6.5 |
| 2019-12-18 | CVE-2019-19832 | Cross-Site Request Forgery (CSRF) vulnerability in Xerox Altalink C8035 Firmware Xerox AltaLink C8035 printers allow CSRF. | 8.8 |
| 2019-12-17 | CVE-2019-11657 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Logger 6.61 Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. | 8.8 |