Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-20 | CVE-2022-23685 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Clearpass Policy Manager A vulnerability in the ClearPass Policy Manager web-based management interface exists which exposes some endpoints to a lack of Cross-Site Request Forgery (CSRF) protection. | 8.8 |
| 2022-09-20 | CVE-2022-35196 | Cross-Site Request Forgery (CSRF) vulnerability in Testlink 1.9.20 TestLink v1.9.20 was discovered to contain a Cross-Site Request Forgery (CSRF) via /lib/plan/planView.php. | 8.8 |
| 2022-09-13 | CVE-2022-38329 | Cross-Site Request Forgery (CSRF) vulnerability in Shopxian CMS 3.0.0 An issue was discovered in Shopxian CMS 3.0.0. | 4.3 |
| 2022-09-13 | CVE-2022-40623 | Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn531G3 Firmware M31G3.V5030.200325 The WAVLINK Quantum D4G (WN531G3) running firmware version M31G3.V5030.200325 does not utilize anti-CSRF tokens, which, when combined with other issues (such as CVE-2022-35518), can lead to remote, unauthenticated command execution. | 8.8 |
| 2022-09-13 | CVE-2022-32555 | Cross-Site Request Forgery (CSRF) vulnerability in Unisys Data Exchange Management Studio 6.0.Ic1/7.0 Unisys Data Exchange Management Studio before 6.0.IC2 and 7.x before 7.0.IC1 doesn't have an Anti-CSRF token to authenticate the POST request. | 8.8 |
| 2022-09-07 | CVE-2022-37730 | Cross-Site Request Forgery (CSRF) vulnerability in Ftcms 2.1 In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge. | 8.8 |
| 2022-09-06 | CVE-2022-23679 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-23680 | Cross-Site Request Forgery (CSRF) vulnerability in Arubanetworks Aos-Cx AOS-CX lacks Anti-CSRF protections in place for state-changing operations. | 8.8 |
| 2022-09-06 | CVE-2022-2233 | Cross-Site Request Forgery (CSRF) vulnerability in Banner Cycler Project Banner Cycler 1.4 The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. | 8.8 |
| 2022-09-06 | CVE-2022-2432 | Cross-Site Request Forgery (CSRF) vulnerability in Lightspeedhq Ecwid Ecommerce Shopping Cart The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. | 4.3 |