Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-49854 Cross-Site Request Forgery (CSRF) vulnerability in Madebytribe Caddy
Cross-Site Request Forgery (CSRF) vulnerability in Tribe Interactive Caddy – Smart Side Cart for WooCommerce.This issue affects Caddy – Smart Side Cart for WooCommerce: from n/a through 1.9.7.
network
low complexity
madebytribe CWE-352
8.8
8.8
2023-12-17 CVE-2023-49751 Cross-Site Request Forgery (CSRF) vulnerability in Getbutterfly Block for Font Awesome
Cross-Site Request Forgery (CSRF) vulnerability in Ciprian Popescu Block for Font Awesome.This issue affects Block for Font Awesome: from n/a through 1.4.0.
network
low complexity
getbutterfly CWE-352
8.8
8.8
2023-12-15 CVE-2023-50870 Cross-Site Request Forgery (CSRF) vulnerability in Jetbrains Teamcity
In JetBrains TeamCity before 2023.11.1 a CSRF on login was possible
network
low complexity
jetbrains CWE-352
8.8
8.8
2023-12-14 CVE-2023-50017 Cross-Site Request Forgery (CSRF) vulnerability in Iteachyou Dreamer CMS 4.1.3
Dreamer CMS v4.1.3 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin/database/backup
network
low complexity
iteachyou CWE-352
8.8
8.8
2023-12-13 CVE-2023-50766 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to send an HTTP request to an attacker-specified URL and parse the response as XML.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50768 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Nexus Platform 3.18.003
A cross-site request forgery (CSRF) vulnerability in Jenkins Nexus Platform Plugin 3.18.0-03 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-50774 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Html Resource 1.01/1.02
A cross-site request forgery (CSRF) vulnerability in Jenkins HTMLResource Plugin 1.02 and earlier allows attackers to delete arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-352
8.1
8.1
2023-12-13 CVE-2023-50775 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Deployment Dashboard
A cross-site request forgery (CSRF) vulnerability in Jenkins Deployment Dashboard Plugin 1.0.10 and earlier allows attackers to copy jobs.
network
low complexity
jenkins CWE-352
4.3
4.3
2023-12-13 CVE-2023-50778 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Paaslane Estimate 1.0.4
A cross-site request forgery (CSRF) vulnerability in Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using an attacker-specified token.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-12-13 CVE-2023-47322 Cross-Site Request Forgery (CSRF) vulnerability in Silverpeas
The "userModify" feature of Silverpeas Core 6.3.1 is vulnerable to Cross Site Request Forgery (CSRF) leading to privilege escalation.
network
low complexity
silverpeas CWE-352
8.8
8.8