Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-48766 Cross-Site Request Forgery (CSRF) vulnerability in Svgator
Cross-Site Request Forgery (CSRF) vulnerability in SVGator SVGator – Add Animated SVG Easily.This issue affects SVGator – Add Animated SVG Easily: from n/a through 1.2.4.
network
low complexity
svgator CWE-352
8.8
8.8
2023-12-18 CVE-2023-47806 Cross-Site Request Forgery (CSRF) vulnerability in Saintsystems Disable User Login
Cross-Site Request Forgery (CSRF) vulnerability in Saint Systems Disable User Login.This issue affects Disable User Login: from n/a through 1.3.7.
network
low complexity
saintsystems CWE-352
8.8
8.8
2023-12-18 CVE-2023-49854 Cross-Site Request Forgery (CSRF) vulnerability in Madebytribe Caddy
Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive Caddy – Smart Side Cart for WooCommerce.This issue affects Caddy – Smart Side Cart for WooCommerce: from n/a through 1.9.7.
network
low complexity
madebytribe CWE-352
8.8
8.8
2023-12-17 CVE-2023-49751 Cross-Site Request Forgery (CSRF) vulnerability in Getbutterfly Block for Font Awesome
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.This issue affects Block for Font Awesome: from n/a through 1.4.0.
network
low complexity
getbutterfly CWE-352
8.8
8.8
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
8.8
2023-12-14 CVE-2023-50017 Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup
network
low complexity
iteachyou CWE-352
8.8
8.8
2023-12-13 CVE-2023-50766 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50768 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50774 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Html Resource 1.01/1.02
A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-352
8.1
8.1
2023-12-13 CVE-2023-50775 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Deployment Dashboard
A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to copy jobs.
network
low complexity
jenkins CWE-352
4.3
4.3