CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-19737
HIGH
MFScripts YetiShare 3.5.2-4.5.3 - Cross-Site Request Forgery via Session Cookie
CVSS 8.8
CVE-2019-20071
MEDIUM
Netis DL4323 Firmware - Cross-Site Request Forgery via form2logaction.cgi
CVSS 6.5
CVE-2019-19995
HIGH
Intelbras IWR 3000N 1.8.7 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-16326
HIGH
D-Link DIR-601 B1 2.00NA - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-6030
HIGH
Custom Body Class < 0.6.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-6027
HIGH
Wpspellcheck < 7.1.9 - CSRF
CVSS 8.8
CVE-2019-19981
MEDIUM
Email Subscribers & Newsletters < 4.2.3 - Cross-Site Request Forgery
CVSS 5.4
CVE-2019-19979
HIGH
WP Maintenance < 5.0.6 - Cross-Site Request Forgery with Resultant Cross-Site Scripting
CVSS 8.8
CVE-2019-4736
MEDIUM
IBM Financial Transaction Manager 3.0 - CSRF
CVSS 4.3
CVE-2019-4231
MEDIUM
IBM Cognos Analytics 11.0.0-11.0.11 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-19915
CRITICAL
301 Redirects - Easy Redirect Manager < 2.45 - Authenticated Cross-Site Request Forgery via Redirect Rule Manipulation
CVSS 9.0
CVE-2019-17633
HIGH
Eclipse Che 6.16.0-7.3.0 - Unauthenticated Workspace Creation via CSRF
CVSS 8.8
CVE-2019-19833
MEDIUM
Tautulli 2.1.9 - Cross-Site Request Forgery via /shutdown Endpoint
CVSS 6.5
CVE-2019-19832
HIGH
Xerox AltaLink C8035 Firmware - Cross-Site Request Forgery via Device User Database Form
CVSS 8.8
CVE-2019-11657
HIGH
Micro Focus ArcSight Logger <7.0 - CSRF
CVSS 8.8
CVE-2019-16575
HIGH
Jenkins Alauda Kubernetes Suport Plugin <2.3.0 - CSRF
CVSS 8.8
CVE-2019-16573
HIGH
Jenkins Alauda DevOps Pipeline Plugin <2.3.2 - CSRF
CVSS 8.8
CVE-2019-16570
HIGH
Jenkins RapidDeploy Plugin <4.1 - CSRF
CVSS 8.8
CVE-2019-16569
MEDIUM
Jenkins Mantis Plugin < 0.26 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-16565
HIGH
Jenkins Team Concert Plugin <1.3.0 - CSRF
CVSS 8.8
CVE-2019-16560
HIGH
Jenkins WebSphere Deployer Plugin <1.6.1 - CSRF
CVSS 8.8
CVE-2019-16553
HIGH
Jenkins Build Failure Analyzer Plugin <1.24.1 - CSRF
CVSS 8.8
CVE-2019-16551
HIGH
Jenkins Gerrit Trigger Plugin <2.30.1 - CSRF
CVSS 8.8
CVE-2019-16550
HIGH
Jenkins Maven Release Plugin <0.16.1 - CSRF
CVSS 8.8
CVE-2019-13930
HIGH
Siemens XHQ < 6.0.0.2 - Authenticated Cross-Site Request Forgery
CVSS 8.1
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium