Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-15 | CVE-2023-4959 | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Quay 3.0.0 A flaw was found in Quay. | 6.5 |
| 2023-09-14 | CVE-2023-40868 | Cross-Site Request Forgery (CSRF) vulnerability in Moosocial Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions. | 8.8 |
| 2023-09-14 | CVE-2023-39285 | Cross-Site Request Forgery (CSRF) vulnerability in Mitel Mivoice Connect A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. | 4.3 |
| 2023-09-14 | CVE-2023-39286 | Cross-Site Request Forgery (CSRF) vulnerability in Mitel Connect Mobility Router 9.6.2307.103 A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an unauthenticated attacker to perform a Cross Site Request Forgery (CSRF) attack due to insufficient request validation. | 4.3 |
| 2023-09-08 | CVE-2023-40953 | Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.16 icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |
| 2023-09-06 | CVE-2023-41938 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins IVY A cross-site request forgery (CSRF) vulnerability in Jenkins Ivy Plugin 2.5 and earlier allows attackers to delete disabled modules. | 6.5 |
| 2023-09-06 | CVE-2023-41942 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins AWS Codecommit Trigger 3.0.12 A cross-site request forgery (CSRF) vulnerability in Jenkins AWS CodeCommit Trigger Plugin 3.0.12 and earlier allows attackers to clear the SQS queue. | 4.3 |
| 2023-09-06 | CVE-2023-41946 | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Frugal Testing 1.0/1.1 A cross-site request forgery (CSRF) vulnerability in Jenkins Frugal Testing Plugin 1.1 and earlier allows attackers to connect to Frugal Testing using attacker-specified credentials, and to retrieve test IDs and names from Frugal Testing, if a valid credential corresponds to the attacker-specified username. | 3.5 |
| 2023-09-05 | CVE-2015-1391 | Cross-Site Request Forgery (CSRF) vulnerability in HP Airwave Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism. | 8.8 |
| 2023-08-31 | CVE-2023-31174 | Cross-Site Request Forgery (CSRF) vulnerability in Selinc Sel-5037 SEL Grid Configurator A Cross-Site Request Forgery (CSRF) vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20. | 6.5 |