Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-26 CVE-2023-46699 Cross-Site Request Forgery (CSRF) vulnerability in Weseek Growi
Cross-site request forgery (CSRF) vulnerability exists in the User settings (/me) page of GROWI versions prior to v6.0.0.
network
low complexity
weseek CWE-352
4.3
2023-12-25 CVE-2023-48652 Cross-Site Request Forgery (CSRF) vulnerability in Concretecms Concrete CMS
Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via /ccm/system/dialogs/logs/delete_all/submit.
network
low complexity
concretecms CWE-352
4.3
2023-12-24 CVE-2023-7092 Cross-Site Request Forgery (CSRF) vulnerability in Uniwayinfo Uw-302Vp Firmware 2.0
A vulnerability was found in Uniway UW-302VP 2.0.
network
low complexity
uniwayinfo CWE-352
4.3
2023-12-23 CVE-2023-5961 Cross-Site Request Forgery (CSRF) vulnerability in Moxa products
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in ioLogik E1200 Series firmware versions v3.3 and prior.
network
low complexity
moxa CWE-352
8.8
2023-12-22 CVE-2023-7052 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Online Notes Sharing System 1.0
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0.
network
low complexity
phpgurukul CWE-352
4.3
2023-12-21 CVE-2023-7051 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Online Notes Sharing System 1.0
A vulnerability was found in PHPGurukul Online Notes Sharing System 1.0 and classified as problematic.
network
low complexity
phpgurukul CWE-352
4.3
2023-12-21 CVE-2023-7038 Cross-Site Request Forgery (CSRF) vulnerability in Automad
A vulnerability was found in automad up to 1.10.9.
network
low complexity
automad CWE-352
6.5
2023-12-21 CVE-2023-49920 Cross-Site Request Forgery (CSRF) vulnerability in Apache Airflow
Apache Airflow, version 2.7.0 through 2.7.3, has a vulnerability that allows an attacker to trigger a DAG in a GET request without CSRF validation. As a result, it was possible for a malicious website opened in the same browser - by the user who also had Airflow UI opened - to trigger the execution of DAGs without the user's consent. Users are advised to upgrade to version 2.8.0 or later, which is not affected.
network
low complexity
apache CWE-352
6.5
2023-12-20 CVE-2023-6689 Cross-Site Request Forgery (CSRF) vulnerability in Efacec BCU 500 Firmware 4.07
A successful CSRF attack could force the user to perform state changing requests on the application.
network
low complexity
efacec CWE-352
8.8
2023-12-19 CVE-2023-49164 Cross-Site Request Forgery (CSRF) vulnerability in Oceanwp Ocean Extra
Cross-Site Request Forgery (CSRF) vulnerability in OceanWP Ocean Extra. This issue affects Ocean Extra: from n/a through 2.2.2.
network
low complexity
oceanwp CWE-352
8.8