CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2021-21675
MEDIUM
Jenkins requests-plugin < 2.2.12 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-20580
MEDIUM
IBM Planning Analytics 2.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-20102
HIGH
Machform < 16 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-34244
HIGH
Icehrm - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-32424
HIGH
TrendNet TW100-S4W1CA 2.3.32 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-24349
MEDIUM
gallery_from_files < 1.6.0 - Reflected Cross-Site Scripting via Error Message
CVSS 6.1
CVE-2021-34547
MEDIUM
PRTG Network Monitor 20.1.55.1775 - Cross-Site Request Forgery via /editsettings
CVSS 4.3
CVE-2021-31659
HIGH
TP-Link TL-SG2005 and TL-SG2008 Firmware 1.0.0 Build 20180529 Rel.40524 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-21665
HIGH
Jenkins XebiaLabs XL Deploy Plugin < 10.0.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-32677
HIGH
FastAPI < 0.65.2 - Cross-Site Request Forgery via JSON Payload in text/plain Content-Type
CVSS 8.2
CVE-2021-29995
HIGH
CloverDX < 5.7.1 - Cross-Site Request Forgery in Server Console
CVSS 8.8
CVE-2021-26474
HIGH
Vembu BDR Suite < 4.2.0 - Cross-Site Request Forgery
CVSS 8.6
CVE-2021-24333
MEDIUM
Content Copy Protection & Prevent Image Save < 1.3 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 6.5
CVE-2021-24328
MEDIUM
WP Login Security and History < 1.0 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 6.2
CVE-2021-26034
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery in Data Download Endpoints
CVSS 6.5
CVE-2021-26033
MEDIUM
Joomla! 3.0.0-3.9.26 - Cross-Site Request Forgery via AJAX Reordering Endpoint
CVSS 6.5
CVE-2021-20096
HIGH
OpenOversight 0.6.4 - Cross-Site Request Forgery
CVSS 8.1
CVE-2021-21549
HIGH
Dell EMC XtremIO Management Server < 6.3.3-8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-32632
LOW
pajbot < 1.52 - Cross-Site Request Forgery
CVSS 2.4
CVE-2021-25931
HIGH
OpenNMS Horizon < 27.1.1 and Meridian < 2019.1.19 - Cross-Site Request Forgery via User Update Endpoint
CVSS 8.8
CVE-2021-25930
MEDIUM
OpenNMS Horizon < 27.1.1 and Meridian < 2019.1.19 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-29624
MEDIUM
fastify-csrf < 3.1.0 - Cross-Site Request Forgery Protection Bypass via Subdomain Cookie Handling
CVSS 6.5
CVE-2021-24324
MEDIUM
404 SEO Redirection WordPress Plugin <= 1.3 - Cross-Site Request Forgery and Stored Cross-Site Scripting
CVSS 6.5
CVE-2021-32403
HIGH
Intelbras RF 301K Firmware 1.1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-32402
HIGH
Intelbras RF 301K Firmware 1.1.2 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,374
Exploit Likelihood
Medium