Vulnerabilities > Cross-Site Request Forgery (CSRF)

DATE CVE VULNERABILITY TITLE RISK
2023-04-17 CVE-2023-29213 Cross-Site Request Forgery (CSRF) vulnerability in Xwiki
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it.
network
low complexity
xwiki CWE-352
8.8
8.8
2023-04-15 CVE-2018-17451 Cross-Site Request Forgery (CSRF) vulnerability in Gitlab
An issue was discovered in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1.
network
low complexity
gitlab CWE-352
8.8
8.8
2023-04-12 CVE-2023-30525 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Report Portal
A cross-site request forgery (CSRF) vulnerability in Jenkins Report Portal Plugin 0.5 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified bearer token authentication.
network
low complexity
jenkins CWE-352
8.8
8.8
2023-04-12 CVE-2023-30529 Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lucene-Search 370.V62A5F618Cd3A/387.V938Aecbf7Fe9
Jenkins Lucene-Search Plugin 387.v938a_ecb_f7fe9 and earlier does not require POST requests for an HTTP endpoint, allowing attackers to reindex the database.
network
low complexity
jenkins CWE-352
4.3
4.3
2023-04-11 CVE-2023-25411 Cross-Site Request Forgery (CSRF) vulnerability in Aten Pe8108 Firmware 2.4.232
Aten PE8108 2.4.232 is vulnerable to Cross Site Request Forgery (CSRF).
network
low complexity
aten CWE-352
4.3
4.3
2023-04-11 CVE-2020-19803 Cross-Site Request Forgery (CSRF) vulnerability in Doyocms Project Doyocms 2.3
Cross Site Request Forgery vulnerability found in Milken DoyoCMS v.2.3 allows a remote attacker to execute arbitrary code via the background system settings.
network
low complexity
doyocms-project CWE-352
8.8
8.8
2023-04-11 CVE-2023-26845 Cross-Site Request Forgery (CSRF) vulnerability in Opencats 0.9.7
A Cross-Site Request Forgery (CSRF) in OpenCATS 0.9.7 allows attackers to force users into submitting web requests via unspecified vectors.
network
low complexity
opencats CWE-352
4.3
4.3
2023-04-11 CVE-2023-27520 Cross-Site Request Forgery (CSRF) vulnerability in Epson products
Cross-site request forgery (CSRF) vulnerability in SEIKO EPSON printers/network interface Web Config allows a remote unauthenticated attacker to hijack the authentication and perform unintended operations by having a logged-in user view a malicious page.
network
low complexity
epson CWE-352
6.5
6.5
2023-04-06 CVE-2023-1923 Cross-Site Request Forgery (CSRF) vulnerability in Wpfastestcache WP Fastest Cache
The WP Fastest Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1.2.
network
low complexity
wpfastestcache CWE-352
4.3
4.3
2023-04-06 CVE-2023-29008 Cross-Site Request Forgery (CSRF) vulnerability in Svelte Sveltekit 1.15.0/1.15.1
The SvelteKit framework offers developers an option to create simple REST APIs.
network
low complexity
svelte CWE-352
8.8
8.8