CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-18414
HIGH
Sourcecodester Restaurant Management System 1.0 - Cross-Site Request Forgery in admin/staff-exec.php
CVSS 8.8
CVE-2019-12095
HIGH
Horde Groupware < 5.2.22 - Cross-Site Request Forgery via treanBookmarkTags Parameter
CVSS 8.8
CVE-2019-9597
MEDIUM
Darktrace Enterprise Immune System <3.1 - CSRF
CVSS 6.5
CVE-2019-9596
MEDIUM
Darktrace Enterprise Immune System <3.1 - CSRF
CVSS 6.5
CVE-2019-18280
HIGH
Sourcecodester Online Grading System 1.0 - Cross-Site Request Forgery via User Creation
CVSS 8.8
CVE-2019-18220
HIGH
Sitemagic CMS 4.4.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10471
HIGH
Jenkins Libvirt Slaves Plugin < 1.8.5 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10468
HIGH
Jenkins Kubernetes CI < 1.3 - Cross-Site Request Forgery via Credential Capture
CVSS 8.8
CVE-2019-10464
HIGH
Jenkins Deploy WebLogic Plugin < 4.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10462
HIGH
Jenkins Dynatrace Application Monitoring < 2.1.3 - Cross-Site Request Forgery
CVSS 8.1
CVE-2019-17367
HIGH
OpenWRT 18.06.4 - Cross-Site Request Forgery via Network Configuration Endpoints
CVSS 8.8
CVE-2019-17118
HIGH
WiKID 2FA Enterprise Server <= 4.2.0-b2053 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-17676
HIGH
MetInfo 7.0.0beta - Cross-Site Request Forgery via doSaveSetup Action
CVSS 8.8
CVE-2019-17675
HIGH
WordPress < 5.2.4 - Cross-Site Request Forgery via Type Confusion in Admin Referer Validation
CVSS 8.8
CVE-2019-12636
HIGH
Cisco Small Business Smart and Managed Switches < 2.5.0.90 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10456
MEDIUM
Jenkins Oracle Cloud Infrastructure Compute Classic Plugin < 1.0.0 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-10454
MEDIUM
Jenkins Rundeck Plugin < 3.6.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-10441
MEDIUM
Jenkins iceScrum Plugin < 1.1.5 - Cross-Site Request Forgery
CVSS 4.3
CVE-2019-10437
HIGH
Jenkins CRX Content Package Deployer Plugin < 1.8.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-17600
CRITICAL
Intelbras IWR 1000N 1.6.4 - Information Disclosure via v1/system/user Endpoint
CVSS 9.8
CVE-2019-17593
HIGH
jizhicms 1.5.1 - Cross-Site Request Forgery via Admin Addition
CVSS 8.8
CVE-2019-17521
MEDIUM
Landing-CMS 0.0.6 - Cross-Site Request Forgery via Password Change URI
CVSS 6.5
CVE-2019-17495
CRITICAL
Swagger UI < 3.23.11 - CSS Injection via Relative Path Overwrite
CVSS 9.8
CVE-2019-17386
HIGH
animate_it! < 2.3.6 - Cross-Site Request Forgery in edsanimate.php
CVSS 8.8
CVE-2019-17432
MEDIUM
fastadmin 1.0.0.20190705_beta - Cross-Site Request Forgery in Admin Config Editor
CVSS 6.5
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium