CWE-352 vulnerabilities
5,677 results

CVE-2019-6561 | — | Cross-site request forgery has been identified in Moxa IKS and EDS, which may allow for the execution of unauthorized actions on the device. | EPSS 1.2%
CVE-2018-0210 | — | A vulnerability in the web-based management interface of Cisco Data Center Network Manager could allow an unauthenticated, remote attacker t | EPSS 1.2%
CVE-2018-10895 | CRITICAL | qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malici | EPSS 1.2%
CVE-2020-15182 | HIGH | Cross-site Request Forgery leading to RCE in SOY CMS | EPSS 1.2%
CVE-2018-15438 | MEDIUM | Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability | EPSS 1.2%
CVE-2017-12253 | — | A vulnerability in the Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to execute unwanted actions. The vu | EPSS 1.2%
CVE-2017-3187 | — | The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery | EPSS 1.1%
CVE-2017-2688 | — | The integrated web server in Siemens RUGGEDCOM ROX I (all versions) at port 10000/TCP could allow remote attackers to perform actions with t | EPSS 1.1%
CVE-2024-40815 | HIGH | A race condition was addressed with additional validation. This issue is fixed in iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, macOS Ventura | EPSS 1.1%
CVE-2019-1713 | HIGH | Cisco Adaptive Security Appliance Software Cross-Site Request Forgery Vulnerability | EPSS 1.1%
CVE-2019-10186 | MEDIUM | A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sesskey (CSRF) token was not being utilised by the XML loading/unloading a | EPSS 1.1%
CVE-2022-2441 | HIGH | ImageMagick Engine <= 1.7.5 - Cross-Site Request Forgery to Remote Command Execution | EPSS 1.1%
CVE-2025-23922 | CRITICAL | WordPress iSpring Embedder plugin <= 1.0 - CSRF to Arbitrary File Upload vulnerability | EPSS 1.0%
CVE-2023-49920 | — | Apache Airflow: Missing CSRF protection on DAG/trigger | EPSS 1.0%
CVE-2020-12502 | HIGH | Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products | EPSS 1.0%
CVE-2024-0379 | MEDIUM | Custom Twitter Feeds – A Tweets Widget or X Feed Widget <= 2.2.1 - Cross-Site Request Forgery to Plugin Options Update | EPSS 1.0%
CVE-2023-24457 | MEDIUM | A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication Plugin 2.3.0 and earlier allows attackers to trick user | EPSS 1.0%
CVE-2009-3022 | MEDIUM | Cross-site request forgery (CSRF) vulnerability in bingo!CMS 1.2 and earlier allows remote attackers to hijack the authentication of other u | EPSS 1.0%
CVE-2016-10522 | — | rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and | EPSS 1.0%
CVE-2019-16009 | HIGH | Cisco IOS and Cisco IOS XE Software Web UI Cross-Site Request Forgery Vulnerability | EPSS 1.0%