Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-08 | CVE-2020-36065 | Cross-Site Request Forgery (CSRF) vulnerability in Flycms Project Flycms 1.0 Cross Site Request Forgery (CSRF) vulnerability in FlyCms 1.0 allows attackers to add arbitrary administrator accounts via system/admin/admin_save. | 8.8 |
| 2023-05-03 | CVE-2023-1965 | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 14.2 before 15.9.6, all versions starting from 15.10 before 15.10.5, all versions starting from 15.11 before 15.11.1. | 6.5 |
| 2023-04-28 | CVE-2023-29815 | Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Mccms 2.6.3 mccms v2.6.3 is vulnerable to Cross Site Request Forgery (CSRF). | 8.8 |
| 2023-04-26 | CVE-2023-2307 | Cross-Site Request Forgery (CSRF) vulnerability in Builder Qwik Cross-Site Request Forgery (CSRF) in GitHub repository builderio/qwik prior to 0.104.0. | 6.5 |
| 2023-04-25 | CVE-2022-40724 | Cross-Site Request Forgery (CSRF) vulnerability in Pingidentity Pingfederate The PingFederate Local Identity Profiles '/pf/idprofile.ping' endpoint is vulnerable to Cross-Site Request Forgery (CSRF) through crafted GET requests. | 8.8 |
| 2023-04-25 | CVE-2023-26839 | Cross-Site Request Forgery (CSRF) vulnerability in Churchcrm 4.5.3 A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to edit information for existing people on the site. | 4.3 |
| 2023-04-25 | CVE-2023-26840 | Cross-Site Request Forgery (CSRF) vulnerability in Churchcrm 4.5.3 A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to set a person to a user and set that user to be an Administrator. | 5.3 |
| 2023-04-25 | CVE-2023-26841 | Cross-Site Request Forgery (CSRF) vulnerability in Churchcrm 4.5.3 A cross-site request forgery (CSRF) vulnerability in ChurchCRM v4.5.3 allows attackers to change any user's password except for the user that is currently logged in. | 6.5 |
| 2023-04-24 | CVE-2023-31061 | Cross-Site Request Forgery (CSRF) vulnerability in Repetier-Server Repetier Server through 1.4.10 does not have CSRF protection. | 8.8 |
| 2023-04-21 | CVE-2023-29020 | Cross-Site Request Forgery (CSRF) vulnerability in Fastify Passport @fastify/passport is a port of passport authentication library for the Fastify ecosystem. | 6.5 |