CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,374 vulnerabilities with CWE-352
CVE-2021-26215
MEDIUM
SeedDMS 5.1.0-5.1.20 - Cross-Site Request Forgery in out.EditDocument.php
CVSS 4.3
CVE-2021-24133
MEDIUM
ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings Form
CVSS 4.3
CVE-2021-21627
HIGH
Jenkins Libvirt Agents Plugin < 1.9.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-26961
HIGH
Aruba AirWave < 8.2.12.0 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2021-26960
HIGH
Aruba AirWave < 8.2.12.0 - Unauthenticated Cross-Site Request Forgery
CVSS 8.8
CVE-2021-27927
HIGH
Zabbix <4.0.28rc1-5.2.6rc1-5.4.0beta2 - CSRF
CVSS 8.8
CVE-2021-27885
HIGH
e107 < 2.3.0 - Cross-Site Request Forgery via usersettings.php
CVSS 8.8
CVE-2021-1227
HIGH
Cisco NX-OS - Unauthenticated Cross-Site Request Forgery in NX-API
CVSS 8.1
CVE-2021-21620
MEDIUM
Jenkins Claim Plugin < 2.18.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2021-21617
HIGH
Jenkins Configuration Slicing Plugin < 1.51 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-22701
MEDIUM
PowerLogic - Cross-Site Request Forgery
CVSS 4.5
CVE-2021-26296
HIGH
Apache MyFaces 2.2.0-2.2.13, 2.3.0-2.3.7, 3.0.0-RC1 CSRF via Weak Token Generation
CVSS 7.5
CVE-2021-20073
HIGH
Racom MIDGE Firmware 4.4.40.105 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-20650
MEDIUM
ELECOM NCC-EWF100RMWH2 - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-20647
MEDIUM
ELECOM WRC-300FEBK-S - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-20646
MEDIUM
ELECOM WRC-300FEBK-A Firmware - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-20641
MEDIUM
LOGITEC LAN-W300N/RS - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-20636
MEDIUM
LOGITEC LAN-W300N/PR5B - Cross-Site Request Forgery
CVSS 6.5
CVE-2021-21027
MEDIUM
Magento < 2.3.6 - Unauthenticated Cross-Site Request Forgery via GraphQL API
CVSS 4.3
CVE-2021-20403
HIGH
IBM Security Verify Information Queue <1.0.8 - CSRF
CVSS 8.8
CVE-2021-22500
MEDIUM
Micro Focus Application Performance Management <9.51 - CSRF
CVSS 6.5
CVE-2021-20652
HIGH
Name Directory < 1.17.4 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-25765
HIGH
JetBrains YouTrack < 2020.4.4701 - Cross-Site Request Forgery via Attachment Upload
CVSS 8.8
CVE-2021-20621
HIGH
Aterm WG2600HP and WG2600HP2 Firmware < 1.0.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2021-21275
MEDIUM
MediaWiki Report Extension < 2021-01-21 - Cross-Site Request Forgery via Special:Report
CVSS 5.3
Details
Vulnerabilities
9,374
Exploit Likelihood
Medium