Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-23 | CVE-2019-8447 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira Server The ServiceExecutor resource in Jira before version 8.3.2 allows remote attackers to trigger the creation of export files via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
2019-08-23 | CVE-2019-14999 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Universal Plugin Manager The Uninstall REST endpoint in Atlassian Universal Plugin Manager before version 2.22.19, from version 3.0.0 before version 3.0.3 and from version 4.0.0 before version 4.0.3 allows remote attackers to uninstall plugins using a Cross-Site Request Forgery (CSRF) vulnerability on an authenticated administrator. | 4.3 |
2019-08-23 | CVE-2019-11588 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira and Jira Server The ViewSystemInfo class doGarbageCollection method in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to trigger garbage collection via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
2019-08-23 | CVE-2019-11587 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira and Jira Server Various exposed resources of the ViewLogging class in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allow remote attackers to modify various settings via Cross-site request forgery (CSRF). | 4.3 |
2019-08-23 | CVE-2019-11586 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The AddResolution.jspa resource in Jira before version 7.13.6, from version 8.0.0 before version 8.2.3, and from version 8.3.0 before version 8.3.2 allows remote attackers to create new resolutions via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
2019-08-23 | CVE-2019-15491 | Cross-Site Request Forgery (CSRF) vulnerability in It-Novum Openitcockpit openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. | 6.8 |
2019-08-22 | CVE-2019-15329 | Cross-Site Request Forgery (CSRF) vulnerability in Codection Import Users From CSV With Meta The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has CSRF. | 6.8 |
2019-08-22 | CVE-2014-10382 | Cross-Site Request Forgery (CSRF) vulnerability in Pippinsplugins Featured Comments The feature-comments plugin before 1.2.5 for WordPress has CSRF for featuring or burying a comment. | 4.3 |
2019-08-22 | CVE-2016-10918 | Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Photo Gallery The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | 6.8 |
2019-08-21 | CVE-2019-13477 | Cross-Site Request Forgery (CSRF) vulnerability in Control-Webpanel Webpanel 0.9.8.837 In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account. | 8.8 |