Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
8.8
2023-12-14 CVE-2023-50017 Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup
network
low complexity
iteachyou CWE-352
8.8
8.8
2023-12-13 CVE-2023-50766 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50768 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50774 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Html Resource 1.01/1.02
A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-352
8.1
8.1
2023-12-13 CVE-2023-50775 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Deployment Dashboard
A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to copy jobs.
network
low complexity
jenkins CWE-352
4.3
4.3
2023-12-13 CVE-2023-50778 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Paaslane Estimate 1.0.4
A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-6766 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Teacher Subject Allocation Management System 1.0
A vulnerability classified as problematic has been found in PHPGurukul Teacher Subject Allocation Management System 1.0.
network
low complexity
phpgurukul CWE-352
3.5
3.5
2023-12-13 CVE-2023-47322 Cross-Site Request Forgery (CSRF) vulnerability in Silverpeas
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation.
network
low complexity
silverpeas CWE-352
8.8
8.8
2023-12-13 CVE-2023-47326 Cross-Site Request Forgery (CSRF) vulnerability in Silverpeas
Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) via the Domain SQL Create function.
network
low complexity
silverpeas CWE-352
8.8
8.8