Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-13 | CVE-2019-6249 | Cross-Site Request Forgery (CSRF) vulnerability in Hucart 5.7.4 An issue was discovered in HuCart v5.7.4. | 8.8 |
| 2019-01-12 | CVE-2019-6244 | Cross-Site Request Forgery (CSRF) vulnerability in Usualtool Usualtoolcms 8.0 An issue was discovered in UsualToolCMS 8.0. | 8.8 |
| 2019-01-09 | CVE-2018-1000417 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Email Extension Template A cross-site request forgery vulnerability exists in Jenkins Email Extension Template Plugin 1.0 and earlier in ExtEmailTemplateManagement.java that allows creating or removing templates. | 8.1 |
| 2019-01-09 | CVE-2018-1000414 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Config File Provider A cross-site request forgery vulnerability exists in Jenkins Config File Provider Plugin 3.1 and earlier in ConfigFilesManagement.java, FolderConfigFileAction.java that allows creating and editing configuration file definitions. | 8.1 |
| 2019-01-09 | CVE-2018-1000411 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Junit A cross-site request forgery vulnerability exists in Jenkins JUnit Plugin 1.25 and earlier in TestObject.java that allows setting the description of a test result. | 6.5 |
| 2018-12-30 | CVE-2018-20613 | Cross-Site Request Forgery (CSRF) vulnerability in Temmoku Project Temmoku T1.09 TEMMOKU T1.09 Beta allows admin/user/add CSRF. | 8.8 |
| 2018-12-30 | CVE-2018-20612 | Cross-Site Request Forgery (CSRF) vulnerability in Asthis Universal Website Asthis 2.3.11 UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF. | 8.8 |
| 2018-12-30 | CVE-2018-20603 | Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms LEI Feng TV CMS 3.8.6 Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF. | 8.8 |
| 2018-12-30 | CVE-2018-20598 | Cross-Site Request Forgery (CSRF) vulnerability in Ucms Project Ucms 1.4.7 UCMS 1.4.7 has ?do=user_addpost CSRF. | 8.8 |
| 2018-12-30 | CVE-2018-20595 | Cross-Site Request Forgery (CSRF) vulnerability in Hsweb 3.0.4 A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful. | 8.8 |