Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-21 | CVE-2018-0365 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0364 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-21 | CVE-2018-0363 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5(1) A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-06-20 | CVE-2018-6563 | Cross-Site Request Forgery (CSRF) vulnerability in Totemo Encryption Gateway 6.0.0 Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway before 6.0.0_Build_371 allow remote attackers to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information by leveraging lack of an anti-CSRF token. | 8.8 |
| 2018-06-19 | CVE-2018-12583 | Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1 An issue was discovered in AKCMS 6.1. | 6.5 |
| 2018-06-19 | CVE-2018-12582 | Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1 An issue was discovered in AKCMS 6.1. | 8.8 |
| 2018-06-14 | CVE-2018-12114 | Cross-Site Request Forgery (CSRF) vulnerability in Maccms 10.0 Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. | 8.8 |
| 2018-06-13 | CVE-2018-12354 | Cross-Site Request Forgery (CSRF) vulnerability in Knowage-Suite Knowage 6.1.1 Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request. | 8.8 |
| 2018-06-13 | CVE-2018-11406 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. | 8.8 |
| 2018-06-11 | CVE-2017-5394 | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Firefox A location bar spoofing attack where the location bar of loaded page will be shown over the content of another tab due to a series of JavaScript events combined with fullscreen mode. | 8.8 |