Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-04-12 CVE-2023-30525 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Report Portal
A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-04-12 CVE-2023-30529 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lucene-Search 370.V62A5F618Cd3A/387.V938Aecbf7Fe9
Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database.
network
low complexity
jenkins CWE-352
4.3
4.3
2023-04-11 CVE-2023-25411 Cross-Site Request Forgery (CSRF) vulnerability in Aten Pe8108 Firmware 2.4.232
Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
aten CWE-352
4.3
4.3
2023-04-11 CVE-2020-19803 Cross-Site Request Forgery (CSRF) vulnerability in Doyocms Project Doyocms 2.3
Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.
network
low complexity
doyocms-project CWE-352
8.8
8.8
2023-04-11 CVE-2023-26845 Cross-Site Request Forgery (CSRF) vulnerability in Opencats 0.9.7
A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors.
network
low complexity
opencats CWE-352
4.3
4.3
2023-04-11 CVE-2023-27520 Cross-Site Request Forgery (CSRF) vulnerability in Epson products
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page.
network
low complexity
epson CWE-352
6.5
6.5
2023-04-06 CVE-2023-1923 Cross-Site Request Forgery (CSRF) vulnerability in Wpfastestcache WP Fastest Cache
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2.
network
low complexity
wpfastestcache CWE-352
4.3
4.3
2023-04-06 CVE-2023-29008 Cross-Site Request Forgery (CSRF) vulnerability in Svelte Sveltekit 1.15.0/1.15.1
The SvelteKit framework offers developers an option to create simple REST APIs.
network
low complexity
svelte CWE-352
8.8
8.8
2023-04-05 CVE-2023-20130 Cross-Site Request Forgery (CSRF) vulnerability in Cisco Prime Infrastructure
Multiple vulnerabilities in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager (EPNM) could allow a remote attacker to obtain privileged information and conduct cross-site scripting (XSS) and cross-site request forgery (CSRF) attacks.
network
low complexity
cisco CWE-352
6.5
6.5
2023-04-04 CVE-2023-0480 Cross-Site Request Forgery (CSRF) vulnerability in Vitalpbx 3.2.3
VitalPBX version 3.2.3-8 allows an unauthenticated external attacker to obtain the instance administrator's account.
network
low complexity
vitalpbx CWE-352
8.8
8.8