Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-01 | CVE-2018-10899 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products A flaw was found in Jolokia versions from 1.2 to before 1.6.1. | 8.8 |
| 2019-07-31 | CVE-2019-10186 | Cross-Site Request Forgery (CSRF) vulnerability in Moodle A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. | 8.8 |
| 2019-07-31 | CVE-2019-3959 | Cross-Site Request Forgery (CSRF) vulnerability in Wallaceit Wallacepos 1.4.3 Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |
| 2019-07-31 | CVE-2018-20872 | Cross-Site Request Forgery (CSRF) vulnerability in I-Lan Draytekl Firmware DrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649. | 6.5 |
| 2019-07-31 | CVE-2019-10359 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins M2Release A cross-site request forgery vulnerability in Jenkins Maven Release Plugin 0.14.0 and earlier in the M2ReleaseAction#doSubmit method allowed attackers to perform releases with attacker-specified options. | 6.3 |
| 2019-07-30 | CVE-2019-14327 | Cross-Site Request Forgery (CSRF) vulnerability in Custom Simple RSS Project Custom Simple RSS A CSRF vulnerability in Settings form in the Custom Simple Rss plugin 2.0.6 for WordPress allows attackers to change the plugin settings. | 6.5 |
| 2019-07-29 | CVE-2016-10766 | Cross-Site Request Forgery (CSRF) vulnerability in EDX Edx-Platform edx-platform before 2016-06-06 allows CSRF. | 8.8 |
| 2019-07-28 | CVE-2019-14328 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Membership-Plugin Simple Membership The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section. | 8.8 |
| 2019-07-25 | CVE-2019-4212 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2019-07-23 | CVE-2019-11712 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Firefox POST requests made by NPAPI plugins, such as Flash, that receive a status 308 redirect response can bypass CORS requirements. | 8.8 |