Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-352

CWE-352

Medium likelihood

Cross-Site Request Forgery (CSRF)

Parent: CWE-345 - Insufficient Verification of Data Authenticity

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

9,350 vulnerabilities with CWE-352

CVE-2023-50017 HIGH

Dreamer CMS 4.1.3 - Cross-Site Request Forgery via Database Backup Component

CVE-2023-6766 MEDIUM

PHPGurukul Teacher Subject Allocation Management System 1.0 - Cross-Site Request Forgery via Delete Course Handler

CVE-2023-50778 HIGH

Jenkins PaaSLane Estimate Plugin < 1.0.4 - Cross-Site Request Forgery

CVE-2023-50775 MEDIUM

Jenkins Deployment Dashboard Plugin < 1.0.10 - Cross-Site Request Forgery

CVE-2023-50774 HIGH

Jenkins HTMLResource Plugin 1.02 - Cross-Site Request Forgery

CVE-2023-50768 HIGH

Jenkins Nexus Platform Plugin < 3.18.0-03 - Cross-Site Request Forgery

CVE-2023-50766 HIGH

Jenkins Nexus Platform Plugin < 3.18.0-03 - Cross-Site Request Forgery

CVE-2023-47326 HIGH

Silverpeas Core < 6.3.2 - Cross-Site Request Forgery via Domain SQL Create Function

CVE-2023-47322 HIGH

Silverpeas < 6.3.2 - Cross-Site Request Forgery in User Modify Feature

CVE-2023-47578 HIGH

Relyum RELY-PCIe and RELY-REC - Cross-Site Request Forgery

CVE-2023-45316 HIGH

Mattermost < 7.8.14 - Cross-Site Request Forgery via Telemetry Run ID Path Traversal

CVE-2023-6671 MEDIUM

Open Journal Systems - Cross-Site Request Forgery

CVE-2023-6653 MEDIUM

PHPGurukul Teacher Subject Allocation Management System 1.0 - CSRF

CVE-2023-5756 MEDIUM

Digital Publications by Supsystic <= 1.7.6 - Cross-Site Request Forgery via AJAX Action Handler

CVE-2023-49448 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Navigation Management Delete Endpoint

CVE-2023-49447 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Navigation Update Endpoint

CVE-2023-49446 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/nav/save

CVE-2023-49398 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Column Management Delete Endpoint

CVE-2023-49397 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/category/updateStatus

CVE-2023-49396 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/category/save

CVE-2023-49395 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/category/update

CVE-2023-49383 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Tag Save Endpoint

CVE-2023-49382 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/div/delete

CVE-2023-49381 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via /admin/div/update

CVE-2023-49380 HIGH

JFinalCMS 5.0.0 - Cross-Site Request Forgery via Friend Link Deletion Endpoint

Previous Page 157 of 374 Next

Details

Vulnerabilities 9,350

Exploit Likelihood Medium

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy