Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-352 (跨站请求伪造(CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2021-22512 Jenkins 跨站请求伪造漏洞 — Micro Focus Application Automation Tools Plugin - Jenkins plugin 6.5 -2021-04-08
CVE-2021-24172 VM Backups <= 1.0 - CSRF to Database Backup Download — VM Backups 6.5 -2021-04-05
CVE-2021-24173 VM Backups <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS) — VM Backups 6.1 -2021-04-05
CVE-2021-24174 Database Backups <= 1.2.2.6 - CSRF to Backup Download — Database Backups 8.3 -2021-04-05
CVE-2021-24159 Contact Form 7 Style <= 3.1.9 - Cross-Site Request Forgery to Stored Cross-Site Scripting — Contact Form 7 Style 7.1 -2021-04-05
CVE-2021-24161 Responsive Menu < 4.0.4 - CSRF to Arbitrary File Upload — Responsive Menu – Create Mobile-Friendly Menu 8.8 -2021-04-05
CVE-2021-24162 Responsive Menu < 4.0.4 - CSRF to Settings Update — Responsive Menu – Create Mobile-Friendly Menu 8.1 -2021-04-05
CVE-2021-24166 Ninja Forms < 3.4.34 - CSRF to OAuth Service Disconnection — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress 5.4 -2021-04-05
CVE-2021-24133 ActiveCampaign < 8.0.2 - Cross-Site Request Forgery in Settings — ActiveCampaign 6.5 -2021-03-18
CVE-2020-29030 Insufficient CSRF guards — GateManager 8.1 High2021-03-05
CVE-2021-1227 Cisco NX-OS Software NX-API Cross-Site Request Forgery Vulnerability — Cisco NX-OS Software 8.1 -2021-02-24
CVE-2021-22701 Schneider PowerLogic 产品跨站请求伪造漏洞 — PowerLogic ION7400, ION7650, ION83xx/84xx/85xx/8600, ION8650, ION8800, ION9000 and PM800 (see notification for affected versions) 8.1 -2021-02-19
CVE-2021-26296 Cross-Site Request Forgery (CSRF) vulnerability in Apache MyFaces — Apache MyFaces Core 7.5 -2021-02-19
CVE-2021-21027 Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification — Magento Commerce 4.3 -2021-02-11
CVE-2020-10734 Keycloak 跨站请求伪造漏洞 — keycloak 7.5 -2021-02-11
CVE-2020-13186 Teradici Cloud Access Connector 跨站请求伪造漏洞 — - Cloud Access Connector - Cloud Access Connector Legacy 8.8 -2021-02-11
CVE-2020-13569 OpenEMR 跨站请求伪造漏洞 — OpenEMR 8.8 -2021-01-28
CVE-2021-21275 CSRF in MediaWiki Report extension — Report 5.3 Medium2021-01-25
CVE-2020-12511 Pepper+Fuchs Comtrol IO-Link Master Cross-Site Request Forgery — Comtrol IO-Link Master 8.8 High2021-01-22
CVE-2021-1257 Cisco DNA Center Cross-Site Request Forgery Vulnerability — Cisco Digital Network Architecture Center (DNA Center) 8.8 -2021-01-20
CVE-2020-6776 CSRF in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface — PRAESIDEO 8.8 High2021-01-14
CVE-2021-21241 CSRF can expose users authentication token in Flask-Security-Too — flask-security-too 7.4 High2021-01-11
CVE-2020-7336 Network Security Management (NSM) - Cross Site Request Forgery vulnerability — Network Security Management (NSM) 6.6 Medium2021-01-05
CVE-2020-13527 Lantronix Xport Edge 跨站请求伪造漏洞 — Lantronix 6.5 -2020-12-17
CVE-2019-19289 Siemens XHQ 跨站请求伪造漏洞 — XHQ 8.8 -2020-12-14
CVE-2020-14368 Eclipse Che 跨站请求伪造漏洞 — eclipse 7.1 -2020-12-14
CVE-2020-8282 Ubiquiti Edgepower 跨站请求伪造漏洞 — EdgePower 8.8 -2020-12-14
CVE-2020-14369 Red Hat CloudForms 跨站请求伪造漏洞 — CloudForms 7.1 -2020-12-02
CVE-2020-7332 Cross-Site Request Forgery (CSRF) in firewall ePO extension of McAfee Endpoint Security (ENS) — Endpoint Security for Windows 7.0 High2020-11-12
CVE-2020-15259 CSRF in Auth0 ad-ldap-connector — ad-ldap-connector 8.1 High2020-11-06

Vulnerabilities classified as CWE-352 (跨站请求伪造(CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.