CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,376 vulnerabilities with CWE-352
CVE-2019-15496
HIGH
MyT Project Management 1.5.1 - Cross-Site Request Forgery via User Creation
CVSS 8.8
CVE-2019-10384
HIGH
Jenkins < 2.176.3 - Cross-Site Request Forgery via Non-Expiring CSRF Tokens
CVSS 8.8
CVE-2019-11457
HIGH
MicroPyramid Django CRM 0.2.1 - CSRF
CVSS 8.8
CVE-2019-15660
HIGH
WP-Members < 3.2.8 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15648
MEDIUM
insert-or-embed-articulate-content-into-wordpress < 4.29991 - Unauthenticated Path Traversal
CVSS 6.5
CVE-2019-15645
HIGH
Zoho SalesIQ < 1.0.9 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15515
MEDIUM
Discourse 2.3.2 - Cross-Site Request Forgery via Query String Token
CVSS 6.5
CVE-2019-8447
MEDIUM
Jira Server 7.13.0-8.3.1 - Cross-Site Request Forgery via ServiceExecutor Resource
CVSS 4.3
CVE-2019-14999
MEDIUM
Atlassian Universal Plugin Manager <2.22.19, 3.0.0-3.0.3, 4.0.0-4.0.3 CSRF via Uninstall REST Endpoint
CVSS 4.3
CVE-2019-11588
MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
CVSS 4.3
CVE-2019-11587
MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
CVSS 6.5
CVE-2019-11586
MEDIUM
Jira <7.13.6, <8.0.0-<8.2.3, <8.3.0-<8.3.2 - CSRF
CVSS 4.3
CVE-2019-15491
HIGH
openITCOCKPIT < 3.7.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15329
HIGH
import_users_from_csv_with_meta < 1.14.0.3 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-13477
HIGH
Webpanel - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-12624
HIGH
Cisco IOS XE 3.0.xe-3.11.xe - Cross-Site Request Forgery in Web-Based Management Interface
CVSS 8.8
CVE-2019-4167
MEDIUM
IBM StoredIQ 7.6.0 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-4117
HIGH
IBM Cloud Private 3.1.1-3.1.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15238
HIGH
Cformsii < 15.0.2 - CSRF
CVSS 8.8
CVE-2019-15229
HIGH
FUEL CMS < 1.4.4 - Cross-Site Request Forgery in Admin Console Blocks Creation
CVSS 8.8
CVE-2019-15150
HIGH
mw-oauth2client < 0.4 - Cross-Site Request Forgery via OAuth2 State Parameter
CVSS 8.8
CVE-2019-15115
HIGH
loginwp < 2.9.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15114
HIGH
formcraft-form-builder < 1.2.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-15113
HIGH
companion_sitemap_generator < 3.7.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-13516
HIGH
OSIsoft PI Web API < 2018 - Cross-Site Request Forgery
CVSS 8.8
Details
Vulnerabilities
9,376
Exploit Likelihood
Medium