VYPR

CWE-352

Cross-Site Request Forgery (CSRF)

Compound · Stable · Likelihood: Medium

Description

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-111 · CAPEC-462 · CAPEC-467 · CAPEC-62

CVEs mapped to this weakness (5,713)

page 18 of 286
  • CVE-2020-35239 · High · Jan 26, 2021
    risk 0.57 · cvss 8.8 · epss 0.01

    A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP…

  • CVE-2019-7357 · High · Nov 10, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.

  • CVE-2020-2280 · High · Sep 23, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code.

  • CVE-2020-2268 · High · Sep 16, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.

  • CVE-2020-14043 · High · Aug 24, 2020
    risk 0.57 · cvss 8.8 · epss 0.02

    ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn't CSRF protected in…

  • CVE-2020-13155 · High · Jun 23, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.

  • CVE-2020-13458 · High · May 25, 2020
    risk 0.57 · cvss 8.8 · epss 0.00

    An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.

  • CVE-2020-11825 · High · Apr 16, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation.

  • CVE-2018-21037 · High · Mar 17, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI.

  • CVE-2020-2098 · High · Jan 15, 2020
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.

  • CVE-2019-16575 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins Alauda Kubernetes Support Plugin 2.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing the Kubernetes service account…

  • CVE-2019-16573 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

  • CVE-2019-16570 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins RapidDeploy Plugin 4.1 and earlier allows attackers to connect to an attacker-specified web server.

  • CVE-2019-16565 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

  • CVE-2019-16560 · High · Dec 17, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows attackers to perform connection tests and determine whether files with an attacker-specified path exist on the Jenkins master file system.

  • CVE-2019-10468 · High · Oct 23, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

  • CVE-2019-10464 · High · Oct 23, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    A cross-site request forgery vulnerability in Jenkins Deploy WebLogic Plugin allows attackers to connect to an attacker-specified URL using attacker-specified credentials, or determine whether a file or directory with an attacker-specified path exists on the Jenkins master file…

  • CVE-2019-17495 · Critical · Oct 10, 2019
    risk 0.57 · cvss 9.8 · epss 0.06

    A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based input field value exfiltration, such as exfiltration of a CSRF token value. In other words, this product…

  • CVE-2019-11457 · High · Aug 27, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /change-password-by-admin/, /api/settings/add/, /cases/create/, /change-password-by-admin/, /comment/add/, /documents/1/view/, /documents/create/, /opportunities/create/, and /login/.

  • CVE-2019-10199 · High · Aug 14, 2019
    risk 0.57 · cvss 8.8 · epss 0.01

    It was found that Keycloak's account console, up to 6.0.1, did not perform adequate header checks in some requests. An attacker could use this flaw to trick an authenticated user into performing operations via request from an untrusted domain.