Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-30 | CVE-2016-3004 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Connections 4.0.0.0/4.5.0.0/5.0.0.0 Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through CR5, and 5.0 before CR4 allows remote authenticated users to hijack the authentication of arbitrary users for requests that modify the set of available applications. | 4.6 |
| 2016-11-30 | CVE-2016-2963 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Remote Control 9.1.2 Cross-site request forgery (CSRF) vulnerability in IBM BigFix Remote Control before 9.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.8 |
| 2016-11-23 | CVE-2016-8673 | Cross-Site Request Forgery (CSRF) vulnerability in Siemens products A vulnerability has been identified in SIMATIC CP 343-1 Advanced (incl. | 8.8 |
| 2016-11-03 | CVE-2016-6454 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment A cross-site request forgery (CSRF) vulnerability in the web interface of the Cisco Hosted Collaboration Mediation Fulfillment application could allow an unauthenticated, remote attacker to execute unwanted actions. | 6.5 |
| 2016-10-27 | CVE-2016-6444 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Meeting Server A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a Web Bridge user. | 8.8 |
| 2016-10-27 | CVE-2016-6442 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Finesse 11.0(1)Base A vulnerability in Cisco Finesse Agent and Supervisor Desktop Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against the user of the web interface. | 8.8 |
| 2016-10-26 | CVE-2016-8504 | Cross-Site Request Forgery (CSRF) vulnerability in Yandex Browser CSRF of synchronization form in Yandex Browser for desktop before version 16.6 could be used by remote attacker to steal saved data in browser profile. | 4.3 |
| 2016-10-25 | CVE-2016-1000213 | Cross-Site Request Forgery (CSRF) vulnerability in Ruckus Wireless H500 Ruckus Wireless H500 web management interface CSRF | 8.8 |
| 2016-10-06 | CVE-2016-6427 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products Cross-site request forgery (CSRF) vulnerability in Cisco Unified Intelligence Center (CUIC) 8.5.4 through 9.1(1), as used in Unified Contact Center Express 10.0(1) through 11.0(1), allows remote attackers to hijack the authentication of arbitrary users, aka Bug IDs CSCuy75036 and CSCuy81654. | 8.8 |
| 2016-10-05 | CVE-2016-6417 | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Firesight System Software Cross-site request forgery (CSRF) vulnerability in Cisco FireSIGHT System Software 4.10.2 through 6.1.0 and Firepower Management Center allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCva21636. | 8.8 |