Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-01-10 | CVE-2015-7465 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Jazz Reporting Service 6.0 Cross-site request forgery (CSRF) vulnerability in Lifecycle Query Engine (LQE) in IBM Jazz Reporting Service (JRS) 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
| 2016-01-05 | CVE-2015-5445 | Cross-Site Request Forgery (CSRF) vulnerability in HP Storeonce Backup System Software 3.13.0 Cross-site request forgery (CSRF) vulnerability in HP StoreOnce Backup system software before 3.13.1 allows remote authenticated users to hijack the authentication of unspecified victims via unknown vectors. | 8.8 |
| 2016-01-03 | CVE-2015-5037 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Connections Cross-site request forgery (CSRF) vulnerability in IBM Connections 3.x before 3.0.1.1 CR3, 4.0 before CR4, 4.5 before CR5, and 5.0 before CR3 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 5.4 |
| 2016-01-02 | CVE-2015-7407 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Mashups Center 3.0.0.1 Cross-site request forgery (CSRF) vulnerability in Lotus Mashups in IBM Mashup Center 3.0.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
| 2015-12-31 | CVE-2015-5990 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Gs1900-10Hp Firmware 2.40 Cross-site request forgery (CSRF) vulnerability on Belkin F9K1102 2 devices with firmware 2.10.17 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2015-12-31 | CVE-2015-7284 | Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Nbg-418N and Nbg-418N Firmware Cross-site request forgery (CSRF) vulnerability on ZyXEL NBG-418N devices with firmware 1.00(AADZ.3)C0 allows remote attackers to hijack the authentication of arbitrary users. | 8.0 |
| 2015-12-31 | CVE-2015-7281 | Cross-Site Request Forgery (CSRF) vulnerability in Readynet Solutions Wrt300N-Dd Firmware 1.0.26 Cross-site request forgery (CSRF) vulnerability on ReadyNet WRT300N-DD devices with firmware 1.0.26 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2015-12-31 | CVE-2015-7278 | Cross-Site Request Forgery (CSRF) vulnerability in Ampedwireless R10000 Firmware 2.5.2.11 Cross-site request forgery (CSRF) vulnerability on Amped Wireless R10000 devices with firmware 2.5.2.11 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2015-12-31 | CVE-2015-5996 | Cross-Site Request Forgery (CSRF) vulnerability in Mediabridge Medialink Mwn-Wapr300N Firmware 5.07.50 Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users. | 8.8 |
| 2015-12-31 | CVE-2015-2912 | Cross-Site Request Forgery (CSRF) vulnerability in Orientdb 2.0.14/2.1.0 The JSONP endpoint in the Studio component in OrientDB Server Community Edition before 2.0.15 and 2.1.x before 2.1.1 does not properly restrict callback values, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted HTTP request. | 8.8 |