Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2019-08-28 CVE-2019-10057 Cross-Site Request Forgery (CSRF) vulnerability in Lexmark products
Various Lexmark products have CSRF.
network
lexmark CWE-352
4.3
4.3
2019-08-28 CVE-2019-15496 Cross-Site Request Forgery (CSRF) vulnerability in Manageyourteam MYT Project Management 1.5.1
MyT Project Management 1.5.1 lacks CSRF protection and, for example, allows a user/create CSRF attack. 		6.8
6.8
2019-08-28 CVE-2019-10384 Cross-Site Request Forgery (CSRF) vulnerability in multiple products
Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to obtain CSRF tokens without an associated web session ID, resulting in CSRF tokens that did not expire and could be used to bypass CSRF protection for the anonymous user.
network
low complexity
jenkins oracle redhat CWE-352
8.8
8.8
2019-08-27 CVE-2019-11457 Cross-Site Request Forgery (CSRF) vulnerability in Micropyramid Django CRM 0.2.1
Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/. 		6.8
6.8
2019-08-27 CVE-2019-15660 Cross-Site Request Forgery (CSRF) vulnerability in Wp-Members Project Wp-Members
The wp-members plugin before 3.2.8 for WordPress has CSRF. 		6.8
6.8
2019-08-27 CVE-2019-15645 Cross-Site Request Forgery (CSRF) vulnerability in Zoho Salesiq
The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF.
network
zoho CWE-352
6.8
6.8
2019-08-27 CVE-2018-21006 Cross-Site Request Forgery (CSRF) vulnerability in Bbpress Move Topics Project Bbpress Move Topics
The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF. 		6.8
6.8
2019-08-27 CVE-2018-21002 Cross-Site Request Forgery (CSRF) vulnerability in Joomsky JS Help Desk
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
network
joomsky CWE-352
6.8
6.8
2019-08-27 CVE-2015-9343 Cross-Site Request Forgery (CSRF) vulnerability in Impress WP Rollback
The wp-rollback plugin before 1.2.3 for WordPress has CSRF.
network
impress CWE-352
6.8
6.8
2019-08-26 CVE-2019-15515 Cross-Site Request Forgery (CSRF) vulnerability in Discourse 2.3.2
Discourse 2.3.2 sends the CSRF token in the query string.
network
discourse CWE-352
4.3
4.3