CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,378 vulnerabilities with CWE-352
CVE-2019-3718
HIGH
Dell SupportAssist < 3.2.0.90 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10304
MEDIUM
Jenkins XebiaLabs XL Deploy Plugin < 7.5.3 - Cross-Site Request Forgery via Credential Form Validation
CVSS 6.5
CVE-2019-10300
HIGH
Jenkins GitLab Plugin < 1.5.11 - Cross-Site Request Forgery via Test Connection Form
CVSS 8.0
CVE-2019-1797
HIGH
Cisco Wireless LAN Controller Software < 8.3.150.0 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-1722
MEDIUM
Cisco Expressway Series and TelePresence VCS < X12.5.1 - CSRF in FindMe Feature
CVSS 6.5
CVE-2019-10642
HIGH
Contao 4.7.0-4.7.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-9176
MEDIUM
GitLab < 11.6.10, 11.7.x < 11.7.6, 11.8.x < 11.8.1 - Cross-Site Request Forgery
CVSS 6.5
CVE-2019-11078
HIGH
MKCMS V5.0 - Cross-Site Request Forgery via ucenter/userinfo.php URI
CVSS 8.8
CVE-2019-11077
HIGH
FastAdmin V1.0.0.20190111_beta - Cross-Site Request Forgery via Admin User Addition
CVSS 8.8
CVE-2019-0229
HIGH
Apache Airflow < 1.10.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2019-10888
HIGH
UKcms 1.1.10 - Cross-Site Request Forgery via Admin Role Addition
CVSS 8.8
CVE-2019-10874
HIGH
Bolt CMS 3.6.6 - Cross-Site Request Forgery to Remote Code Execution via File Upload
CVSS 8.8
CVE-2019-10292
MEDIUM
Jenkins Kmap Plugin - Cross-Site Request Forgery via Form Validation
CVSS 6.5
CVE-2019-10289
MEDIUM
Jenkins Netsparker Cloud Scan < 1.1.5 - Cross-Site Request Forgery via API Validation Method
CVSS 6.5
CVE-2019-10278
MEDIUM
Jenkins Reviewbot Plugin - Cross-Site Request Forgery via Test Connection Form
CVSS 6.5
CVE-2019-1003098
MEDIUM
Jenkins openid Plugin < 2.4 - Cross-Site Request Forgery via Form Validation Method
CVSS 6.5
CVE-2019-1003092
MEDIUM
Jenkins Nomad Plugin < 0.5.1 - Cross-Site Request Forgery via Test Connection Form
CVSS 6.5
CVE-2019-1003090
MEDIUM
Jenkins SOASTA CloudTest Plugin - CSRF
CVSS 6.5
CVE-2019-1003086
MEDIUM
Jenkins Chef Sinatra Plugin - Cross-Site Request Forgery via Connection Test Form
CVSS 6.5
CVE-2019-1003084
MEDIUM
Jenkins Zephyr Enterprise Test Management Plugin - CSRF
CVSS 6.5
CVE-2019-1003082
MEDIUM
Jenkins Gearman Plugin < 0.4.0 - Cross-Site Request Forgery via Test Connection Form
CVSS 6.5
CVE-2019-1003080
MEDIUM
Jenkins OpenShift Deployer Plugin - CSRF
CVSS 6.5
CVE-2019-1003078
MEDIUM
Jenkins VMware Lab Manager Slaves Plugin - CSRF
CVSS 6.5
CVE-2019-1003076
MEDIUM
Jenkins Audit to Database Plugin - CSRF
CVSS 6.5
CVE-2019-1003058
MEDIUM
Jenkins FTP Publisher Plugin - Cross-Site Request Forgery via doLoginCheck Method
CVSS 6.5
Details
Vulnerabilities
9,378
Exploit Likelihood
Medium