CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-25254
HIGH
KYOCERA Net Admin 3.4.0906 - Cross-Site Request Forgery via Administrative User Creation
CVSS 8.8
CVE-2019-25252
MEDIUM
Teradek VidiU Pro 3.0.3 - Cross-Site Request Forgery via Password Change Request
CVSS 4.3
CVE-2019-25250
MEDIUM
Devolo dLAN 500 AV Wireless+ <3.1.0-1 - CSRF
CVSS 5.3
CVE-2019-25247
MEDIUM
Beward N100 H.264 VGA IP Camera M2.1.6 - CSRF
CVSS 5.3
CVE-2019-25242
MEDIUM
FaceSentry Access Control System 6.4.8 - CSRF
CVSS 4.3
CVE-2019-25238
MEDIUM
V-SOL GPON/EPON OLT Platform 2.03 - CSRF
CVSS 4.3
CVE-2019-25234
MEDIUM
SmartHouse Webapp 6.5.33 - CSRF/XSS
CVSS 5.3
CVE-2019-25233
MEDIUM
AVE DOMINAplus 1.10.x - Cross-Site Request Forgery and Cross-Site Scripting via login.php
CVSS 5.3
CVE-2019-15002
MEDIUM
Atlassian Jira 7.6.4-8.1.0 - Cross-Site Request Forgery via Login Form
CVSS 4.3
CVE-2019-20460
HIGH
Epson Expression Home XP255 20.08.FM10I8 - CSRF
CVSS 8.8
CVE-2019-25064
MEDIUM
CoreHR Core Portal < 27.0.7 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-5318
MEDIUM
ArubaOS - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-14836
HIGH
3scale - Cross-Site Request Forgery in Dev Portal Login
CVSS 8.8
CVE-2019-14481
MEDIUM
AdRem NetCrunch 10.6.0.4587 - Cross-Site Request Forgery in Web Client
CVSS 5.4
CVE-2019-19289
HIGH
Siemens XHQ < 6.1.0.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-7357
HIGH
Subrion CMS 4.2.1 - Cross-Site Request Forgery in Plugin Activation
CVSS 8.8
CVE-2019-16009
HIGH
Cisco IOS and IOS XE - Cross-Site Request Forgery in Web UI
CVSS 8.8
CVE-2019-12784
HIGH
Verint Impact 360 15.1 - Cross-Site Request Forgery in Login Form
CVSS 8.8
CVE-2019-20415
MEDIUM
Atlassian Jira < 7.13.3 and 8.0.0-8.1.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-20411
MEDIUM
Atlassian Jira < 7.13.9 and 8.0.0-8.4.2 - Cross-Site Request Forgery in Wallboard Settings
CVSS 4.3
CVE-2019-20891
HIGH
WooCommerce < 3.6.5 - Cross-Site Request Forgery and Stored Cross-Site Scripting via CSV Product Import
CVSS 8.8
CVE-2019-20865
HIGH
Mattermost Server < 4.10.10, 5.9.2, 5.10.2, 5.11.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-20841
HIGH
Mattermost Server < 5.9.7 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-19109
HIGH
wpForo 1.6.5 - Cross-Site Request Forgery via Usergroups Admin Page
CVSS 8.8
CVE-2019-20804
HIGH
Gila CMS < 1.11.6 - Cross-Site Request Forgery with Resultant Cross-Site Scripting via Admin Themes URI
CVSS 8.8
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium