Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-01-23 | CVE-2018-1000013 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Release Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds. | 8.8 |
2018-01-22 | CVE-2018-6009 | Cross-Site Request Forgery (CSRF) vulnerability in Yiiframework In Yii Framework 2.x before 2.0.14, the switchIdentity function in web/User.php did not regenerate the CSRF token upon a change of identity. | 8.8 |
2018-01-18 | CVE-2017-18033 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities. | 6.5 |
2018-01-18 | CVE-2018-0107 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Service Catalog A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. | 8.8 |
2018-01-15 | CVE-2018-5329 | Cross-Site Request Forgery (CSRF) vulnerability in Beims Contractorweb.Net 5.18.0.0 ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. | 8.8 |
2018-01-13 | CVE-2018-5673 | Cross-Site Request Forgery (CSRF) vulnerability in Booking Calendar Project Booking Calendar 2.1.7 An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. | 8.8 |
2018-01-13 | CVE-2018-5669 | Cross-Site Request Forgery (CSRF) vulnerability in Read and Understood Project Read and Understood 2.1 An issue was discovered in the read-and-understood plugin 2.1 for WordPress. | 8.8 |
2018-01-13 | CVE-2018-5658 | Cross-Site Request Forgery (CSRF) vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18 An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. | 8.8 |
2018-01-13 | CVE-2018-5656 | Cross-Site Request Forgery (CSRF) vulnerability in Weblizar Pinterest-Feeds 1.1.1 An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. | 8.8 |
2018-01-12 | CVE-2017-16886 | Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38 The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. | 8.8 |