CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,357 vulnerabilities with CWE-352
CVE-2023-32991
HIGH
Jenkins SAML Single Sign On Plugin < 2.0.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-32989
HIGH
Jenkins Azure VM Agents Plugin < 852.v8d35f0960a_43 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-32987
HIGH
Jenkins Reverse Proxy Auth Plugin < 1.7.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-32980
MEDIUM
Jenkins Email Extension Plugin < 2.96 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-32978
MEDIUM
Jenkins LDAP Plugin < 673.v034ec70ec2b_b - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-0763
MEDIUM
Clock In Portal- Staff & Attendance Management < 2.1 - Cross-Site Request Forgery via Holiday Deletion
CVSS 4.3
CVE-2023-28361
MEDIUM
UniFi OS < 3.0.13 - Cross-Site WebSocket Hijacking
CVSS 6.5
CVE-2023-2444
HIGH
Rockwell Automation FactoryTalk VantagePoint < 8.40 - Cross-Site Request Forgery
CVSS 7.1
CVE-2023-27889
HIGH
LIQUID SPEECH BALLOON < 1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-25832
HIGH
Esri Portal for ArcGIS < 11.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-0522
MEDIUM
Enable/Disable Auto Login when Register < 1.1.0 - Cross-Site Request Forgery in Settings Update
CVSS 6.5
CVE-2023-2552
HIGH
bumsys < 2.1.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-1965
MEDIUM
GitLab EE <15.9.6, <15.10.5, <15.11.1 - Open Redirect
CVSS 6.8
CVE-2023-25967
MEDIUM
PeepSo Community by PeepSo <= 6.0.2.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-23790
HIGH
Pods Framework Team Pods - Custom Content Types and Fields <= 2.9.10.2 - Cross-Site Request Forgery
CVSS 7.1
CVE-2023-22691
MEDIUM
Category Specific RSS feed Subscription <= v2.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-2474
MEDIUM
Rebuild 3.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-29815
HIGH
mccms v2.6.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-2307
MEDIUM
Qwik < 0.104.0 - Cross-Site Request Forgery
CVSS 4.7
CVE-2023-26841
MEDIUM
ChurchCRM 4.5.3 - Cross-Site Request Forgery
CVSS 6.5
CVE-2023-26840
MEDIUM
ChurchCRM 4.5.3 - Cross-Site Request Forgery
CVSS 5.3
CVE-2023-26839
MEDIUM
ChurchCRM 4.5.3 - Cross-Site Request Forgery
CVSS 4.3
CVE-2023-1414
MEDIUM
WP VR <8.3.0 - CSRF
CVSS 4.3
CVE-2023-31061
HIGH
Repetier Server < 1.4.10 - Cross-Site Request Forgery
CVSS 8.8
CVE-2023-23879
MEDIUM
Nicolas Zeh PHP Execution <= 1.0.0 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,357
Exploit Likelihood
Medium