Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-22 | CVE-2019-11416 | Cross-Site Request Forgery (CSRF) vulnerability in Intelbras IWR 3000N Firmware 1.5.0 A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, leading to complete control of the router, as demonstrated by v1/system/user. | 9.3 |
| 2019-04-20 | CVE-2019-11375 | Cross-Site Request Forgery (CSRF) vulnerability in Meisivod Msvod 10 Msvod v10 has a CSRF vulnerability to change user information via the admin/member/edit.html URI. | 4.3 |
| 2019-04-20 | CVE-2019-11374 | Cross-Site Request Forgery (CSRF) vulnerability in 74Cms 5.0.1 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI. | 6.8 |
| 2019-04-18 | CVE-2019-3718 | Cross-Site Request Forgery (CSRF) vulnerability in Dell Supportassist Dell SupportAssist Client versions prior to 3.2.0.90 contain an improper origin validation vulnerability. | 8.8 |
| 2019-04-18 | CVE-2019-10304 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Xebialabs XL Deploy A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Deploy Plugin in the Credential#doValidateUserNamePassword form validation method allows attackers to initiate a connection to an attacker-specified server. | 6.5 |
| 2019-04-18 | CVE-2019-10300 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Gitlab A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1.5.11 and earlier in the GitLabConnectionConfig#doTestConnection form validation method allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.0 |
| 2019-04-18 | CVE-2018-17168 | Cross-Site Request Forgery (CSRF) vulnerability in Printeron 4.1.4 PrinterOn Enterprise 4.1.4 contains multiple Cross Site Request Forgery (CSRF) vulnerabilities in the Administration page. | 4.3 |
| 2019-04-18 | CVE-2019-1797 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Wireless LAN Controller Software A vulnerability in the web-based management interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on the device with the privileges of the user, including modifying the device configuration. | 6.8 |
| 2019-04-18 | CVE-2019-1722 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the FindMe feature of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 4.3 |
| 2019-04-17 | CVE-2019-10642 | Cross-Site Request Forgery (CSRF) vulnerability in Contao CMS 4.7.0 Contao 4.7 allows CSRF. | 6.8 |