firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CWE-352
CVE-2021-38886
IBM Cognos Analytics 11.1.7, 11.2.0, and 11.1.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 209399.
CVE-2021-38868
IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force Id: 208310.
CVE-2021-38705
ClinicCases 7.3.3 is affected by Cross-Site Request Forgery (CSRF). A successful attack would consist of an authenticated user following a malicious link, resulting in arbitrary actions being carried out with the privilege level of the targeted user. This can be exploited to create a secondary administrator account for the attacker.
CVE-2021-38721
FUEL CMS 1.5.0 login.php contains a cross-site request forgery (CSRF) vulnerability
CVE-2021-3858
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF)