Vulnerabilities > Cross-Site Request Forgery (CSRF)
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-04 | CVE-2019-1003076 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Audit to Database A cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-specified server. | 6.5 |
2019-04-04 | CVE-2019-1003058 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins FTP Publisher A cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers to initiate a connection to an attacker-specified server. | 6.5 |
2019-04-03 | CVE-2019-10673 | Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember Ultimate Member A CSRF vulnerability in a logged-in user's profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. | 9.3 |
2019-04-02 | CVE-2018-1622 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Privileged Identity Manager 2.1.1 IBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
2019-04-01 | CVE-2019-3876 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Openshift Container Platform A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. | 6.3 |
2019-04-01 | CVE-2014-7198 | Cross-Site Request Forgery (CSRF) vulnerability in Openmicroscopy Omero OMERO before 5.0.6 has multiple CSRF vulnerabilities because the framework for OMERO's web interface lacks CSRF protection. | 6.8 |
2019-03-30 | CVE-2019-10644 | Cross-Site Request Forgery (CSRF) vulnerability in Hyphp Hybbs 2.2 An issue was discovered in HYBBS 2.2. | 6.8 |
2019-03-29 | CVE-2019-9604 | Cross-Site Request Forgery (CSRF) vulnerability in Online Lottery PHP Readymade Script Project Online Lottery PHP Readymade Script 1.7.0 PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions. | 6.8 |
2019-03-28 | CVE-2019-6607 | Cross-Site Request Forgery (CSRF) vulnerability in F5 Big-Ip Application Security Manager On BIG-IP ASM 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.3, and 14.0.0-14.0.0.2, there is a stored cross-site scripting vulnerability in an ASM violation viewed in the Configuration utility. | 6.0 |
2019-03-28 | CVE-2019-1003046 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Fortify on Demand Uploader A cross-site request forgery vulnerability in Jenkins Fortify on Demand Uploader Plugin 3.0.10 and earlier allows attackers to initiate a connection to an attacker-specified server. | 6.5 |