Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-07-17 | CVE-2017-1000069 | Cross-Site Request Forgery (CSRF) vulnerability in Oauth2 Proxy Project Oauth2 Proxy 2.1 CSRF in Bitly oauth2_proxy 2.1 during authentication flow | 8.8 |
| 2017-07-17 | CVE-2017-1000008 | Cross-Site Request Forgery (CSRF) vulnerability in Chyrp-Lite Project Chyrp Lite 2016.04 Chyrp Lite version 2016.04 is vulnerable to a CSRF in the user settings function allowing attackers to hijack the authentication of logged in users to modify account information, including their password. | 8.8 |
| 2017-07-12 | CVE-2017-11196 | Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has CSRF in logout.cgi. | 8.8 |
| 2017-07-12 | CVE-2017-11193 | Cross-Site Request Forgery (CSRF) vulnerability in Pulsesecure Pulse Connect Secure 8.3R1.0 Pulse Connect Secure 8.3R1 has CSRF in diag.cgi. | 8.8 |
| 2017-07-07 | CVE-2017-2244 | Cross-Site Request Forgery (CSRF) vulnerability in Brother Mfc-J960Dwn Firmware D Cross-site request forgery (CSRF) vulnerability in MFC-J960DWN firmware ver.D and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-07-07 | CVE-2017-2238 | Cross-Site Request Forgery (CSRF) vulnerability in Toshiba Hem-Gw16A Firmware and Hem-Gw26A Firmware Cross-site request forgery (CSRF) vulnerability in Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier and Toshiba Home gateway HEM-GW26A firmware HEM-GW26A-FW-V1.2.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-07-07 | CVE-2017-2223 | Cross-Site Request Forgery (CSRF) vulnerability in Iodata products Cross-site request forgery (CSRF) vulnerability in TS-WPTCAM, TS-PTCAM, TS-PTCAM/POE, TS-WLC2, TS-WLCE, TS-WRLC firmware version 1.19 and earlier and TS-WPTCAM2 firmware version 1.01 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-07-07 | CVE-2017-7404 | Cross-Site Request Forgery (CSRF) vulnerability in Dlink Dir-615 20.12Ptb01 On the D-Link DIR-615 before v20.12PTb04, if a victim logged in to the Router's Web Interface visits a malicious site from another Browser tab, the malicious site then can send requests to the victim's Router without knowing the credentials (CSRF). | 8.8 |
| 2017-07-07 | CVE-2017-4998 | Cross-Site Request Forgery (CSRF) vulnerability in EMC RSA Archer Egrc EMC RSA Archer 5.4.1.3, 5.5.3.1, 5.5.2.3, 5.5.2, 5.5.1.3.1, 5.5.1.1 is potentially affected by a cross-site request forgery vulnerability. | 8.8 |
| 2017-07-03 | CVE-2017-5943 | Cross-Site Request Forgery (CSRF) vulnerability in Bestpractical Request Tracker Request Tracker (RT) 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 allows remote attackers to obtain sensitive information about cross-site request forgery (CSRF) verification tokens via a crafted URL. | 8.8 |