Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-23	CVE-2018-1000014	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Translation Assistance Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator. network jenkins CWE-352	6.8
2018-01-23	CVE-2018-1000013	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Release Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds. network jenkins CWE-352	6.8
2018-01-22	CVE-2018-6009	Cross-Site Request Forgery (CSRF) vulnerability in Yiiframework In Yii Framework 2.x before 2.0.14, the switchIdentity function in web/User.php did not regenerate the CSRF token upon a change of identity. network yiiframework CWE-352	6.8
2018-01-18	CVE-2017-18033	Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system import via various Cross-site request forgery (CSRF) vulnerabilities. network atlassian CWE-352	4.3
2018-01-18	CVE-2018-0107	Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Service Catalog A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. network cisco CWE-352	6.8
2018-01-15	CVE-2018-5329	Cross-Site Request Forgery (CSRF) vulnerability in Beims Contractorweb.Net 5.18.0.0 ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. network beims CWE-352	6.8
2018-01-13	CVE-2018-5673	Cross-Site Request Forgery (CSRF) vulnerability in Booking Calendar Project Booking Calendar 2.1.7 An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. network booking-calendar-project CWE-352	6.8
2018-01-13	CVE-2018-5669	Cross-Site Request Forgery (CSRF) vulnerability in Read and Understood Project Read and Understood 2.1 An issue was discovered in the read-and-understood plugin 2.1 for WordPress. network read-and-understood-project CWE-352	6.8
2018-01-13	CVE-2018-5658	Cross-Site Request Forgery (CSRF) vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18 An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. network responsive-coming-soon-page-project CWE-352	6.8
2018-01-13	CVE-2018-5656	Cross-Site Request Forgery (CSRF) vulnerability in Weblizar Pinterest-Feeds 1.1.1 An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. network weblizar CWE-352	6.8