CWE-352 (Cross-Site Request Forgery (CSRF)) — Vulnerability Class 4751

4751 vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2020-3456 | Cisco FXOS Software Firepower Chassis Manager Cross-Site Request Forgery Vulnerability — Cisco Adaptive Security Appliance (ASA) Software | 8.8 | High | 2020-10-21 |
| CVE-2020-12502 | Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products — P+F Comtrol RocketLinx | 8.8 | High | 2020-10-15 |
| CVE-2019-16009 | Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability — Cisco IOS 12.2(15)B | 8.8 | - | 2020-09-23 |
| CVE-2020-3124 | Cisco Hosted Collaboration Mediation Fulfillment Cross-Site Request Forgery Vulnerability — Cisco Hosted Collaboration Mediation Fulfillment | 6.5 | - | 2020-09-23 |
| CVE-2020-3135 | Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability — Cisco Unified Communications Manager | 8.8 | - | 2020-09-23 |
| CVE-2020-14506 | Philips Clinical Collaboration Platform Cross-site Request Forgery — Clinical Collaboration Platform | 3.4 | Low | 2020-09-18 |
| CVE-2018-19948 | QNAP Systems TS-870 Cross-Site Request Forgery Vulnerability — Helpdesk | 2.0 | Low | 2020-09-11 |
| CVE-2020-15789 | Siemens Polarion Subversion Web Cross-Site Request Forgery Vulnerability — Polarion Subversion Webclient | 8.1 | - | 2020-09-09 |
| CVE-2020-16208 | Red Lion N-Tron Cross-Site Request Forgery Vulnerability — N-Tron 702-W / 702M12-W | 8.8 | - | 2020-09-01 |
| CVE-2020-15156 | XSS due to lack of CSRF validation for replying/publishing — nodebb-plugin-blog-comments | 6.8 | Medium | 2020-08-26 |
| CVE-2020-7304 | DLP ePO extension - Cross-site request forgery — DLP ePO extension | 7.6 | High | 2020-08-13 |
| CVE-2020-7029 | Avaya Product System Management Interface Cross-Site Request Forgery Vulnerability — Avaya Aura Communication Manager | 6.4 | Medium | 2020-08-11 |
| CVE-2020-12781 | Combodo iTop - CSRF — iTop | 5.7 | Medium | 2020-08-10 |
| CVE-2020-15135 | CSRF vulnerability in save-server — save-server | 6.7 | Medium | 2020-08-04 |
| CVE-2020-8166 | Ruby on Rails Cross-Site Request Forgery Vulnerability — https://github.com/rails/rails | 4.3 | - | 2020-07-02 |
| CVE-2020-8167 | Ruby on Rails Cross-Site Request Forgery Vulnerability — http://github.com/rails/rails | 8.1 | - | 2020-06-19 |
| CVE-2020-7503 | Schneider Electric Easergy T300 Cross-Site Request Forgery Vulnerability — Easergy T300 (Firmware version 1.5.2 and older) | 8.8 | - | 2020-06-16 |
| CVE-2020-4040 | CSRF issue on preview pages in Bolt CMS — bolt | 8.6 | High | 2020-06-08 |
| CVE-2020-8168 | Ubiquiti Networks AirOS Cross-Site Request Forgery Vulnerability — AirMax AirOS for TI, XW and XM boards | 8.1 | - | 2020-05-26 |
| CVE-2020-11069 | Cross-Site Request Forgery in TYPO3 CMS — TYPO3 CMS | 8.0 | High | 2020-05-13 |
| CVE-2020-5335 | Dell EMC RSA Archer Cross-Site Request Forgery Vulnerability — RSA Archer | 5.0 | Medium | 2020-05-04 |
| CVE-2020-10892 | Foxit Reader and PhantomPDF Cross-Site Request Forgery Vulnerability — PhantomPDF | 8.8 | - | 2020-04-22 |
| CVE-2020-10890 | Foxit Reader and PhantomPDF communication API Cross-Site Request Forgery Vulnerability — PhantomPDF | 8.8 | - | 2020-04-22 |
| CVE-2020-3261 | Cisco Mobility Express Software Cross-Site Request Forgery Vulnerability — Cisco Mobility Express | 6.5 | - | 2020-04-15 |
| CVE-2020-11003 | CSRF and DNS Rebinding in Oasis — oasis | 4.8 | Medium | 2020-04-14 |
| CVE-2020-7005 | Honeywell WIN-PAK Cross-Site Request Forgery Vulnerability — Honeywell WIN-PAK 4.7.2, Web and prior versions | 8.8 | - | 2020-03-24 |
| CVE-2020-3148 | Cisco Prime Network Registrar Cross-Site Request Forgery Vulnerability — Cisco Prime Network Registrar | 8.1 | - | 2020-03-04 |
| CVE-2020-5402 | UAA fails to check the state parameter when authenticating with external IDPs — UAA | 8.8 | - | 2020-02-27 |
| CVE-2020-3114 | Cisco Data Center Network Manager Cross-Site Request Forgery Vulnerability — Cisco Data Center Network Manager | 8.8 | - | 2020-02-19 |
| CVE-2020-1692 | Moodle Information Disclosure Vulnerability — moodle | 8.1 | High | 2020-02-17 |

Vulnerabilities classified as CWE-352 (Cross-Site Request Forgery (CSRF)) represent 4751 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.