Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-08 | CVE-2018-0216 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 5.4 |
| 2018-03-08 | CVE-2018-0215 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Identity Services Engine 2.0(0.234) A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.3 |
| 2018-03-08 | CVE-2018-0210 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Network Manager 10.4(1.128)/10.4(2) A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 8.8 |
| 2018-03-07 | CVE-2018-7565 | Cross-Site Request Forgery (CSRF) vulnerability in Polycom QDX 6000 Firmware CSRF exists on Polycom QDX 6000 devices. | 8.8 |
| 2018-03-07 | CVE-2018-7720 | Cross-Site Request Forgery (CSRF) vulnerability in Cobub Razor 0.7.2 A cross-site request forgery (CSRF) vulnerability exists in Western Bridge Cobub Razor 0.7.2 via /index.php?/user/createNewUser/, resulting in account creation. | 8.8 |
| 2018-03-07 | CVE-2017-11649 | Cross-Site Request Forgery (CSRF) vulnerability in Draytek Vigorap 910C Firmware 1.2.0 Cross-site request forgery (CSRF) vulnerability in DrayTek Vigor AP910C devices with firmware 1.2.0_RC3 build r6594 allows remote attackers to hijack the authentication of unspecified users for requests that enable SNMP on the remote device via vectors involving goform/setSnmp. | 8.8 |
| 2018-03-06 | CVE-2018-7733 | Cross-Site Request Forgery (CSRF) vulnerability in Yxtcmf 3.1 An issue was discovered in YxtCMF 3.1. | 8.8 |
| 2018-03-06 | CVE-2018-7307 | Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Auth0.Js The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter. | 8.8 |
| 2018-03-01 | CVE-2018-7634 | Cross-Site Request Forgery (CSRF) vulnerability in Enalean Tuleap 9.17 An issue was discovered in Enalean Tuleap 9.17. | 8.8 |
| 2018-03-01 | CVE-2018-7590 | Cross-Site Request Forgery (CSRF) vulnerability in Hoosk 1.7.0 CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation. | 8.8 |