Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-20 | CVE-2018-15565 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Cms Project Simple CMS 20140311 An issue was discovered in daveismyname simple-cms through 2014-03-11. | 8.8 |
| 2018-08-20 | CVE-2018-15564 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Cms Project Simple CMS 20140311 An issue was discovered in daveismyname simple-cms through 2014-03-11. | 8.8 |
| 2018-08-17 | CVE-2018-14057 | Cross-Site Request Forgery (CSRF) vulnerability in Pimcore Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function. | 8.8 |
| 2018-08-16 | CVE-2018-1712 | Cross-Site Request Forgery (CSRF) vulnerability in IBM API Connect IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. | 9.9 |
| 2018-08-15 | CVE-2018-1455 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.2/7.3.0 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2018-08-15 | CVE-2018-13394 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Questions for Confluence The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. | 6.5 |
| 2018-08-15 | CVE-2018-13393 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Questions for Confluence The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. | 6.5 |
| 2018-08-14 | CVE-2018-2442 | Cross-Site Request Forgery (CSRF) vulnerability in SAP products In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid. | 8.8 |
| 2018-08-14 | CVE-2018-7097 | Cross-Site Request Forgery (CSRF) vulnerability in HP 3Par Service Provider Sp4.2.0/Sp4.3.0/Sp4.4.0 A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). | 8.8 |
| 2018-08-10 | CVE-2018-14783 | Cross-Site Request Forgery (CSRF) vulnerability in Netcommwireless Nwl-25 Firmware 2.0.29.11 NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. | 8.8 |