Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-11 | CVE-2016-9092 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Content Analysis and Mail Threat Defense The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. | 8.8 |
| 2017-05-10 | CVE-2016-5889 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Interact IBM Interact 8.6, 9.0, 9.1, and 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-05-10 | CVE-2017-8875 | Cross-Site Request Forgery (CSRF) vulnerability in Codection Clean Login 1.7.12 CSRF in the Clean Login plugin before 1.8 for WordPress allows remote attackers to change the login redirect URL or logout redirect URL. | 6.5 |
| 2017-05-10 | CVE-2017-8874 | Cross-Site Request Forgery (CSRF) vulnerability in Acquia Mautic 1.4.1 Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts. | 8.8 |
| 2017-05-10 | CVE-2017-5891 | Cross-Site Request Forgery (CSRF) vulnerability in Asus Rt-Ac1750 Firmware 3.0.0.4.380.7266 ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 have Login Page CSRF and Save Settings CSRF. | 8.8 |
| 2017-05-08 | CVE-2017-8848 | Cross-Site Request Forgery (CSRF) vulnerability in Allen Disk Project Allen Disk 1.6 Allen Disk 1.6 has CSRF in setpass.php with an impact of changing a password. | 6.5 |
| 2017-05-03 | CVE-2017-7431 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. | 8.8 |
| 2017-04-28 | CVE-2017-1194 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2017-04-28 | CVE-2017-2102 | Cross-Site Request Forgery (CSRF) vulnerability in IPA Appgoat 3.0.0 Cross-site request forgery (CSRF) vulnerability in Hands-on Vulnerability Learning Tool "AppGoat" for Web Application V3.0.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |
| 2017-04-28 | CVE-2017-2097 | Cross-Site Request Forgery (CSRF) vulnerability in Support-Project Knowledge Cross-site request forgery (CSRF) vulnerability in Knowledge versions prior to v1.7.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 8.8 |