Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-13 CVE-2022-27488 Cross-Site Request Forgery (CSRF) vulnerability in Fortinet products
A cross-site request forgery (CSRF) in Fortinet FortiVoiceEnterprise version 6.4.x, 6.0.x, FortiSwitch version 7.0.0 through 7.0.4, 6.4.0 through 6.4.10, 6.2.0 through 6.2.7, 6.0.x, FortiMail version 7.0.0 through 7.0.3, 6.4.0 through 6.4.6, 6.2.x, 6.0.x FortiRecorder version 6.4.0 through 6.4.2, 6.0.x, 2.7.x, 2.6.x, FortiNDR version 1.x.x allows a remote unauthenticated attacker to execute commands on the CLI via tricking an authenticated administrator to execute malicious GET requests.
network
low complexity
fortinet CWE-352
8.8
8.8
2023-12-13 CVE-2023-47578 Cross-Site Request Forgery (CSRF) vulnerability in Relyum Rely-Pcie Firmware and Rely-Rec Firmware
Relyum RELY-PCIe 22.2.1 and RELY-REC 23.1.0 devices are susceptible to Cross Site Request Forgery (CSRF) attacks due to the absence of CSRF protection in the web interface.
network
low complexity
relyum CWE-352
8.8
8.8
2023-12-11 CVE-2023-6671 Cross-Site Request Forgery (CSRF) vulnerability in Openjournalsystems Open Journal Systems 3.3.0.13
A vulnerability has been discovered on OJS, that consists in a CSRF (Cross-Site Request Forgery) attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated.
network
low complexity
openjournalsystems CWE-352
8.8
8.8
2023-12-10 CVE-2023-6653 Cross-Site Request Forgery (CSRF) vulnerability in PHPgurukul Teacher Subject Allocation Management System 1.0
A vulnerability was found in PHPGurukul Teacher Subject Allocation Management System 1.0.
network
low complexity
phpgurukul CWE-352
4.3
4.3
2023-12-09 CVE-2023-5756 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Digital Publications BY Supsystic
The Digital Publications by Supsystic plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.7.6.
network
low complexity
supsystic CWE-352
8.8
8.8
2023-12-05 CVE-2023-49372 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/save.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49373 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via /admin/slide/delete.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49374 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/slide/update.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49375 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/friend_link/update.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8
2023-12-05 CVE-2023-49376 Cross-Site Request Forgery (CSRF) vulnerability in Jfinalcms Project Jfinalcms 5.0.0
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/tag/delete.
network
low complexity
jfinalcms-project CWE-352
8.8
8.8