Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-19 | CVE-2017-15645 | Cross-Site Request Forgery (CSRF) vulnerability in Webmin CSRF exists in Webmin 1.850. | 8.8 |
| 2017-10-19 | CVE-2017-12271 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Spa300 Firmware and Spa500 Firmware A vulnerability in Cisco SPA300 and SPA500 Series IP Phones could allow an unauthenticated, remote attacker to execute unwanted actions on an affected device. | 8.8 |
| 2017-10-18 | CVE-2017-14956 | Cross-Site Request Forgery (CSRF) vulnerability in Alienvault Unified Security Management AlienVault USM v5.4.2 and earlier offers authenticated users the functionality of exporting generated reports via the "/ossim/report/wizard_email.php" script. | 5.7 |
| 2017-10-18 | CVE-2015-7715 | Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Property Listing 8.9/8.9.2 Cross-site request forgery (CSRF) vulnerability in the Realtyna RPL (com_rpl) component before 8.9.5 for Joomla! allows remote attackers to hijack the authentication of administrators for requests that add a user via an add_user action to administrator/index.php. | 8.8 |
| 2017-10-18 | CVE-2014-3709 | Cross-Site Request Forgery (CSRF) vulnerability in Keycloak The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection. | 8.8 |
| 2017-10-17 | CVE-2017-14011 | Cross-Site Request Forgery (CSRF) vulnerability in Prominent Multiflex M10A Controller Firmware A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. | 8.8 |
| 2017-10-16 | CVE-2017-15296 | Cross-Site Request Forgery (CSRF) vulnerability in SAP Customer Relationship Management The Java component in SAP CRM has CSRF. | 8.8 |
| 2017-10-13 | CVE-2016-1261 | Cross-Site Request Forgery (CSRF) vulnerability in Juniper Junos J-Web does not validate certain input that may lead to cross-site request forgery (CSRF) issues or cause a denial of J-Web service (DoS). | 8.8 |
| 2017-10-13 | CVE-2016-5789 | Cross-Site Request Forgery (CSRF) vulnerability in Jantek Jtc-200 Firmware A Cross-site Request Forgery issue was discovered in JanTek JTC-200, all versions. | 8.0 |
| 2017-10-06 | CVE-2015-2143 | Cross-Site Request Forgery (CSRF) vulnerability in PHPbugtracker Project PHPbugtracker Multiple cross-site request forgery (CSRF) vulnerabilities in Issuetracker phpBugTracker before 1.7.0 allow remote attackers to hijack the authentication of users for requests that cause an unspecified impact via unknown parameters. | 8.8 |