CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,375 vulnerabilities with CWE-352
CVE-2020-2235
MEDIUM
Jenkins Pipeline Maven Integration Plugin <3.8.2 - CSRF
CVSS 6.5
CVE-2020-7029
MEDIUM
Avaya Aura Communication Manager <7.1.3.5/8.0.x CSRF in System Management Interface
CVSS 6.4
CVE-2020-12781
MEDIUM
Combodo iTop - Cross-Site Request Forgery
CVSS 5.7
CVE-2020-16253
HIGH
pghero < 2.6.0 - Cross-Site Request Forgery
CVSS 8.1
CVE-2020-16252
MEDIUM
Field Test 0.2.0-0.3.2 - Cross-Site Request Forgery
CVSS 4.3
CVE-2020-15135
MEDIUM
save-server < 1.0.7 - Cross-Site Request Forgery
CVSS 6.7
CVE-2020-5615
HIGH
Calendar01 and Calendar02 1.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-5770
HIGH
Teltonika TRB2_R_00.02.04.01 - CSRF
CVSS 8.8
CVE-2020-14319
MEDIUM
Red Hat AMQ Online < 1.5.2 and Enmasse < 0.32.2 - Cross-Site Request Forgery
CVSS 5.9
CVE-2020-10984
HIGH
Gambio GX < 4.0.1.0 - Cross-Site Request Forgery in Admin Panel
CVSS 8.8
CVE-2020-5611
HIGH
Social Sharing Plugin <1.2.10 - CSRF
CVSS 8.8
CVE-2020-15882
HIGH
munkireport < 5.6.3 - Cross-Site Request Forgery in manager/delete_machine Endpoint
CVSS 8.1
CVE-2020-5767
MEDIUM
Icegram Email Subscribers & Newsletters <4.4.8 - CSRF
CVSS 6.5
CVE-2020-11438
HIGH
LibreHealth EHR 2.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-15700
MEDIUM
Joomla! 3.7.0-3.9.19 - Cross-Site Request Forgery via com_installer AJAX Install Endpoint
CVSS 6.3
CVE-2020-15695
MEDIUM
Joomla! 3.9.0-3.9.19 - Cross-Site Request Forgery in com_privacy Remove Request Feature
CVSS 6.3
CVE-2020-6289
HIGH
SAP Disclosure Management 10.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2020-15711
HIGH
MISP < 2.4.129 - Cross-Site Request Forgery in Homepage Setting
CVSS 8.8
CVE-2020-10986
MEDIUM
Tenda AC15 AC1900 <15.03.05.19 - CSRF
CVSS 6.5
CVE-2020-15600
MEDIUM
CMSUno < 1.6.1 - Cross-Site Request Forgery via Admin Password Change
CVSS 6.5
CVE-2020-15516
MEDIUM
mm_forum < 1.9.5 - Cross-Site Scripting via CSRF
CVSS 5.4
CVE-2020-8166
MEDIUM
rails < 5.2.5 and < 6.0.4 - Cross-Site Request Forgery via Per-Form Token Forgery
CVSS 4.3
CVE-2020-2215
MEDIUM
Jenkins Zephyr for JIRA Test Mgmt <1.5 - CSRF
CVSS 4.3
CVE-2020-2203
MEDIUM
Jenkins Fortify on Demand Plugin <5.0.1 - CSRF
CVSS 4.3
CVE-2020-5904
HIGH
BIG-IP 12.1.0-12.1.5.1 - Cross-Site Request Forgery in TMUI
CVSS 8.8
Details
Vulnerabilities
9,375
Exploit Likelihood
Medium