Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2023-50778 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Paaslane Estimate 1.0.4
A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-47322 Cross-Site Request Forgery (CSRF) vulnerability in Silverpeas
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation.
network
low complexity
silverpeas CWE-352
8.8
8.8
2023-12-13 CVE-2023-47326 Cross-Site Request Forgery (CSRF) vulnerability in Silverpeas
Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function.
network
low complexity
silverpeas CWE-352
8.8
8.8
2023-12-13 CVE-2022-27488 Cross-Site Request Forgery (CSRF) vulnerability in Fortinet products
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
network
low complexity
fortinet CWE-352
8.8
8.8
2023-12-13 CVE-2023-47578 Cross-Site Request Forgery (CSRF) vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.
network
low complexity
relyum CWE-352
8.8
8.8
2023-12-10 CVE-2023-6653 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Teacher Subject Allocation Management System 1.0
A vulnerability was found in PHPGurukul Teacher Subject Allocation Management System 1.0.
network
low complexity
phpgurukul CWE-352
4.3
4.3
2023-12-09 CVE-2023-5756 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Digital Publications BY Supsystic
The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6.
network
low complexity
supsystic CWE-352
8.8
8.8
2023-12-05 CVE-2023-49372 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49373 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49374 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8