• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-352

CVE-2022-34209

February 23, 2023 by godfreyd94

A cross-site request forgery (CSRF) vulnerability in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers to connect to an attacker-specified URL.

CVE-2022-34211

February 23, 2023 by godfreyd94

A cross-site request forgery (CSRF) vulnerability in Jenkins vRealize Orchestrator Plugin 3.0 and earlier allows attackers to send an HTTP POST request to an attacker-specified URL.

CVE-2022-34134

February 23, 2023 by godfreyd94

Benjamin BALET Jorani v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /application/controllers/Users.php.

CVE-2022-34158

February 23, 2023 by godfreyd94

A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker’s account. Further examination of this issue established that it could also be used to modify the email associated with the attacked account, and then a reset password request from the login page.

CVE-2022-34161

February 23, 2023 by godfreyd94

IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331.

CVE-2022-34020

February 23, 2023 by godfreyd94

Cross Site Request Forgery (CSRF) vulnerability in ResIOT ResIOT IOT Platform + LoRaWAN Network Server through 4.1.1000114 allows attackers to add new admin users to the platform or other unspecified impacts.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 360
  • Go to page 361
  • Go to page 362
  • Go to page 363
  • Go to page 364
  • Interim pages omitted …
  • Go to page 424
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE