CWE-352
Medium likelihoodCross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
9,385 vulnerabilities with CWE-352
CVE-2016-6801
HIGH
Apache Jackrabbit < 2.4.6 - CSRF
CVSS 8.8
CVE-2016-6158
MEDIUM
Huawei WS331a Router Firmware - Cross-Site Request Forgery
CVSS 6.1
CVE-2016-6642
MEDIUM
EMC ViPR SRM < 3.7.1 - Cross-Site Request Forgery
CVSS 6.1
CVE-2016-7034
HIGH
Red Hat JBoss BPM Suite 6.3.2 - Cross-Site Request Forgery via Query String Token Exposure
CVSS 8.8
CVE-2016-7123
HIGH
GNU Mailman < 2.1.14 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-6893
HIGH
GNU Mailman 2.1.x < 2.1.23 - Cross-Site Request Forgery in User Options Page
CVSS 8.8
CVE-2016-1470
HIGH
Cisco Small Business 220 <1.0.1.1 - CSRF
CVSS 8.8
CVE-2016-2998
LOW
IBM Connections 4.0-4.0 CR4, 4.5-4.5 CR5, 5.0-5.0 CR4, 5.5-5.5 CR1 - Authenticated Cross-Site Request Forgery
CVSS 3.5
CVE-2016-4069
HIGH
Roundcube Webmail <1.1.5 - CSRF
CVSS 8.8
CVE-2016-6635
HIGH
WordPress < 4.4.2 - Cross-Site Request Forgery via wp_ajax_wp_compression_test
CVSS 8.8
CVE-2016-5671
HIGH
Crestron DM-TXRX-100-STR <1.3039.00040 - CSRF
CVSS 8.8
CVE-2016-1607
HIGH
Novell Filr < 2.0 - Cross-Site Request Forgery via Administrative Interface
CVSS 7.2
CVE-2016-4469
HIGH
Apache Archiva < 1.3.9 - Cross-Site Request Forgery via Token Parameter
CVSS 8.8
CVE-2016-1448
HIGH
Cisco WebEx Meetings Server 2.7 - CSRF
CVSS 8.8
CVE-2016-4066
HIGH
FortiWeb < 5.5.2 - Cross-Site Request Forgery via Password Change Request
CVSS 8.8
CVE-2016-2889
HIGH
IBM Jazz Reporting Service CSRF (5.x < 5.0.2 ifix016, 6.0-6.0.1 < 6.0.1 ifix005, 6.0.2 < ifix002)
CVSS 8.8
CVE-2016-4430
HIGH
Apache Struts 2.3.20-2.3.28.1 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-2863
HIGH
IBM WebSphere Commerce 7.0 FP8, 8.0.0.x < 8.0.0.10, 8.0.1.x < 8.0.1.2 - CSRF
CVSS 8.0
CVE-2016-1228
HIGH
NTT EAST/WEST Hikari Denwa <07.00.1006 - CSRF
CVSS 8.8
CVE-2016-2082
HIGH
VMware vRealize Log Insight 2.x and 3.x < 3.3.2 - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-0386
HIGH
IBM TRIRIGA Application Platform <3.3.2.6-<3.5.0.2 - CSRF
CVSS 8.0
CVE-2016-3653
HIGH
Symantec Endpoint Protection Manager < 12.1.6 - Authenticated Cross-Site Request Forgery
CVSS 8.0
CVE-2016-2901
HIGH
IBM WebSphere Portal 8.5 CF08-CF10 - Cross-Site Request Forgery in PA_Theme_Creator
CVSS 8.8
CVE-2016-4820
HIGH
I-O DATA DEVICE ETX-R - Cross-Site Request Forgery
CVSS 8.8
CVE-2016-4371
HIGH
HPE Service Manager Software <9.40 - Info Disclosure/Privilege Esca...
CVSS 8.0
Details
Vulnerabilities
9,385
Exploit Likelihood
Medium