Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-08-21 CVE-2023-39061 Cross-Site Request Forgery (CSRF) vulnerability in Chamilo
Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 through v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.
network
low complexity
chamilo CWE-352
3.5
2023-08-16 CVE-2023-20221 Cross-Site Request Forgery (CSRF) vulnerability in Cisco products
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device.
network
low complexity
cisco CWE-352
6.5
2023-08-16 CVE-2023-40336 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Folders
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy folders.
network
low complexity
jenkins CWE-352
8.8
2023-08-16 CVE-2023-40337 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Folders
A cross-site request forgery (CSRF) vulnerability in Jenkins Folders Plugin 6.846.v23698686f0f6 and earlier allows attackers to copy a view inside a folder.
network
low complexity
jenkins CWE-352
4.3
2023-08-16 CVE-2023-40341 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Blue Ocean
A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocean Plugin 1.27.5 and earlier allows attackers to connect to an attacker-specified URL, capturing GitHub credentials associated with an attacker-specified job.
network
low complexity
jenkins CWE-352
8.8
2023-08-16 CVE-2023-40351 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Favorite View
A cross-site request forgery (CSRF) vulnerability in Jenkins Favorite View Plugin 5.v77a_37f62782d and earlier allows attackers to add or remove views from another user's favorite views tab bar.
network
low complexity
jenkins CWE-352
4.3
2023-08-11 CVE-2020-23595 Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.6
Cross Site Request Forgery (CSRF) vulnerability in yzmcms version 5.6 allows remote attackers to escalate privileges and gain sensitive information via the sitemodel/add.html endpoint.
network
low complexity
yzmcms CWE-352
8.8
2023-08-11 CVE-2020-24922 Cross-Site Request Forgery (CSRF) vulnerability in Xuxueli Xxl-Job 2.2.0
Cross Site Request Forgery (CSRF) vulnerability in xxl-job-admin/user/add in xuxueli xxl-job version 2.2.0 allows remote attackers to execute arbitrary code and escalate privileges via a crafted .html file.
network
low complexity
xuxueli CWE-352
8.8
2023-08-09 CVE-2023-38348 Cross-Site Request Forgery (CSRF) vulnerability in Lw-Systems Benno Mailarchiv 2.10.1
A CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.
network
low complexity
lw-systems CWE-352
8.8
2023-08-09 CVE-2023-38999 Cross-Site Request Forgery (CSRF) vulnerability in Opnsense
A Cross-Site Request Forgery (CSRF) in the System Halt API (/system/halt) of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
network
low complexity
opnsense CWE-352
6.5