VYPR

CWE-352

Cross-Site Request Forgery (CSRF)

CompoundStableLikelihood: Medium

Description

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Hierarchy (View 1000)

Parents

Children

none

Related attack patterns (CAPEC)

CAPEC-111 · CAPEC-462 · CAPEC-467 · CAPEC-62

CVEs mapped to this weakness (5,713)

page 57 of 286
  • CVE-2018-12540HigJul 12, 2018
    risk 0.50cvss 8.8epss 0.02

    In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet.

  • CVE-2016-10522HigJul 5, 2018
    risk 0.50cvss 8.8epss 0.01

    rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem.

  • CVE-2018-11406HigJun 13, 2018
    risk 0.50cvss 8.8epss 0.01

    An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled…

  • CVE-2014-0594HigJun 8, 2018
    risk 0.50cvss 8.8epss 0.01

    In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent.

  • CVE-2018-9856HigApr 9, 2018
    risk 0.50cvss 8.8epss 0.01

    Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.

  • CVE-2018-1098HigApr 3, 2018
    risk 0.50cvss 8.8epss 0.01

    A cross-site request forgery flaw was found in etcd 3.3.1 and earlier. An attacker can set up a website that tries to send a POST request to the etcd server and modify a key. Adding a key is done with PUT so it is theoretically safe (can't PUT from an HTML form or such) but POST…

  • CVE-2018-1000086HigMar 13, 2018
    risk 0.50cvss 8.8epss 0.01

    NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution.…

  • CVE-2018-6009HigJan 22, 2018
    risk 0.50cvss 8.8epss 0.01

    In Yii Framework 2.x before 2.0.14, the switchIdentity function in web/User.php did not regenerate the CSRF token upon a change of identity.

  • CVE-2014-0120HigDec 29, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in the admin terminal in Hawt.io allows remote attackers to hijack the authentication of arbitrary users for requests that run commands on the Karaf server, as demonstrated by running "shutdown -f."

  • CVE-2017-12631HigNov 30, 2017
    risk 0.50cvss 8.8epss 0.02

    Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) style vulnerability has been found in the Spring 2, Spring 3 and Spring 4 plugins in versions before 1.4.3 and 1.3.3. The…

  • CVE-2015-5170HigOct 24, 2017
    risk 0.50cvss 8.8epss 0.01

    Cloud Foundry Runtime cf-release before 216, UAA before 2.5.2, and Pivotal Cloud Foundry (PCF) Elastic Runtime before 1.7.0 allow remote attackers to conduct cross-site request forgery (CSRF) attacks on PWS and log a user into an arbitrary account by leveraging lack of CSRF…

  • CVE-2014-3709HigOct 18, 2017
    risk 0.50cvss 8.8epss 0.01

    The org.keycloak.services.resources.SocialResource.callback method in JBoss KeyCloak before 1.0.3.Final allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

  • CVE-2017-15063HigOct 6, 2017
    risk 0.50cvss 8.8epss 0.01

    There are CSRF vulnerabilities in Subrion CMS 4.1.x through 4.1.5, and before 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter to…

  • CVE-2017-14683HigSep 25, 2017
    risk 0.50cvss 8.8epss 0.01

    geminabox (aka Gem in a Box) before 0.13.7 has CSRF, as demonstrated by an unintended gem upload.

  • CVE-2015-5395HigSep 20, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in SOGo before 3.1.0.

  • CVE-2015-5607HigSep 20, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery in the REST API in IPython 2 and 3.

  • CVE-2015-4619HigSep 7, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Spina before commit bfe44f289e336f80b6593032679300c493735e75.

  • CVE-2015-5081HigAug 18, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors.

  • CVE-2017-1000069HigJul 17, 2017
    risk 0.50cvss 8.8epss 0.01

    CSRF in Bitly oauth2_proxy 2.1 during authentication flow

  • CVE-2015-1786HigJun 8, 2017
    risk 0.50cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Zend/Validator/Csrf in Zend Framework 2.3.x before 2.3.6 via null or malformed token identifiers.