Vulnerabilities > Cross-Site Request Forgery (CSRF)
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-16 | CVE-2022-36312 | Cross-Site Request Forgery (CSRF) vulnerability in Airspan Airvelocity 1500 Firmware 15.18.00.2511 Airspan AirVelocity 1500 software version 15.18.00.2511 lacks CSRF protections in the eNodeB's web management UI. | 8.8 |
| 2022-08-15 | CVE-2022-38359 | Cross-Site Request Forgery (CSRF) vulnerability in Eyeofnetwork Eyes of Network web 5.3 Cross-site request forgery attacks can be carried out against the Eyes of Network web application, due to an absence of adequate protections. | 8.8 |
| 2022-08-12 | CVE-2022-37043 | Cross-Site Request Forgery (CSRF) vulnerability in Zimbra Collaboration 8.8.15/9.0.0 An issue was discovered in the webmail component in Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0. | 5.7 |
| 2022-08-05 | CVE-2016-3098 | Cross-Site Request Forgery (CSRF) vulnerability in Thoughtbot Administrate Cross-site request forgery (CSRF) vulnerability in administrate 0.1.4 and earlier allows remote attackers to hijack the user's OAuth autorization code. | 5.4 |
| 2022-08-04 | CVE-2022-28731 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Jspwiki A carefully crafted request on UserPreferences.jsp could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow the attacker to modify the email associated with the attacked account, and then a reset password request from the login page. | 6.5 |
| 2022-08-04 | CVE-2022-34158 | Cross-Site Request Forgery (CSRF) vulnerability in Apache Jspwiki A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker's account. | 8.8 |
| 2022-08-03 | CVE-2022-34937 | Cross-Site Request Forgery (CSRF) vulnerability in Yuba U5Cms 8.3.5 Yuba u5cms v8.3.5 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component savepage.php. | 8.8 |
| 2022-08-02 | CVE-2022-36968 | Cross-Site Request Forgery (CSRF) vulnerability in Progress Ipswitch WS FTP Server In Progress WS_FTP Server prior to version 8.7.3, forms within the administrative interface did not include a nonce to mitigate the risk of cross-site request forgery (CSRF) attacks. | 4.3 |
| 2022-08-01 | CVE-2022-34161 | Cross-Site Request Forgery (CSRF) vulnerability in IBM Cics TX 11.1 IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
| 2022-08-01 | CVE-2022-26309 | Cross-Site Request Forgery (CSRF) vulnerability in Pandorafms Pandora FMS Pandora FMS v7.0NG.759 allows Cross-Site Request Forgery in Bulk operation (User operation) resulting in elevation of privilege to Administrator group. | 8.8 |