Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-08-22 | CVE-2018-10884 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Ansible Tower Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. | 6.8 |
| 2018-08-20 | CVE-2018-15569 | Cross-Site Request Forgery (CSRF) vulnerability in Mylittleforum MY Little Forum 2.4.12 my little forum 2.4.12 allows CSRF for deletion of users. | 6.5 |
| 2018-08-20 | CVE-2018-15568 | Cross-Site Request Forgery (CSRF) vulnerability in Tp5Cms Project Tp5Cms 20170315/20170525 tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html. | 6.8 |
| 2018-08-20 | CVE-2018-15565 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Cms Project Simple CMS 20140311 An issue was discovered in daveismyname simple-cms through 2014-03-11. | 6.8 |
| 2018-08-20 | CVE-2018-15564 | Cross-Site Request Forgery (CSRF) vulnerability in Simple-Cms Project Simple CMS 20140311 An issue was discovered in daveismyname simple-cms through 2014-03-11. | 6.8 |
| 2018-08-17 | CVE-2018-14057 | Cross-Site Request Forgery (CSRF) vulnerability in Pimcore Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function. | 6.8 |
| 2018-08-16 | CVE-2018-1712 | Cross-Site Request Forgery (CSRF) vulnerability in IBM API Connect IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3 is vulnerable to Server Side Request Forgery. | 7.5 |
| 2018-08-15 | CVE-2018-1455 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.2/7.3.0 IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 6.8 |
| 2018-08-15 | CVE-2018-13394 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Questions FOR Confluence The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
| 2018-08-15 | CVE-2018-13393 | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Questions FOR Confluence The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |