CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-10229
HIGH
vtenext 19 CE - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-23824
HIGH
ArGo Soft Mail Server 1.8.8.9 - CSRF
CVSS 8.8
CVE-2020-25252
HIGH
Hyland OnBase < 16.0.2.83, <= 17.0.2.109, <= 18.0.0.37, <= 19.8.16.1000, <= 20.3.10.1000 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-24739
MEDIUM
iCMS 7.0.0 - Cross-Site Request Forgery in Administrator Account Deletion
CVSS 6.5
CVE-2020-15789
HIGH
Polarion Subversion Webclient - Cross-Site Request Forgery
CVSS 8.1
CVE-2020-23830
HIGH
SourceCodester Stock Management System <v1.0 - CSRF
CVSS 7.1
CVE-2020-5776
HIGH
MAGMI - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-25070
HIGH
USVN < 1.0.10 - Cross-Site Request Forgery via Missing SameSite Cookie Attribute
CVSS 8.8
CVE-2020-16208
HIGH
Red Lion N-Tron 702-W / 702M12-W - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-23836
HIGH
OSWAPP Warehouse Inventory System < 2020-08-10 - Cross-Site Request Forgery in edit_user.php
CVSS 8.8
CVE-2020-2241
HIGH
Jenkins Database Plugin <1.6 - CSRF
CVSS 8.8
CVE-2020-2240
HIGH
Jenkins Database Plugin <1.6 - CSRF
CVSS 8.8
CVE-2020-16610
MEDIUM
hoosk < 1.7.2 - Cross-Site Request Forgery via Account Deletion
CVSS 4.3
CVE-2020-5621
MEDIUM
NETGEAR switching hubs <5.4.2.30 - CSRF
CVSS 4.3
CVE-2020-15156
MEDIUM
nodebb-plugin-blog-comments <0.7.0 - XSS
CVSS 6.8
CVE-2020-5928
LOW
F5 BIG-IP Application Security Manager 11.5.2-11.6.5 - Cross-Site Request Forgery via Reused CSRF Token
CVSS 3.1
CVE-2020-5922
HIGH
BIG-IP 11.6.1-15.1.0.4 - Cross-Site Request Forgery in iControl REST
CVSS 8.8
CVE-2020-4170
MEDIUM
IBM Security Guardium Insights 2.0.1 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-14043
HIGH
Codiad >=1.7.8 - Cross-Site Request Forgery in Marketplace Plugin Download
CVSS 8.8
CVE-2020-19889
HIGH
DBHcms 1.2.0 - Cross-Site Request Forgery via User Addition
CVSS 8.8
CVE-2020-19886
HIGH
DBHcms 1.2.0 - Cross-Site Request Forgery via Menu Deletion Endpoint
CVSS 8.1
CVE-2020-15151
HIGH
OpenMage LTS <19.4.6, 20.0.2 - CSRF
CVSS 8.0
CVE-2020-12480
MEDIUM
Play Framework 2.6.0-2.8.1 - Cross-Site Request Forgery Bypass via Unparseable Content-Type Parameters
CVSS 6.5
CVE-2020-7304
HIGH
McAfee Data Loss Prevention < 11.3.28 - Authenticated Cross-Site Request Forgery via Label Addition
CVSS 7.6
CVE-2020-2237
MEDIUM
Jenkins Flaky Test Handler Plugin <1.0.4 - CSRF
CVSS 4.3
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium