Falhas do tipo CWE-352
5.677 resultadosCVE-2019-3876MEDIUMA flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to EPSS 0.7%CVE-2022-0505MEDIUMCross-Site Request Forgery (CSRF) in microweber/microweberEPSS 0.7%CVE-2021-1227HIGHCisco NX-OS Software NX-API Cross-Site Request Forgery VulnerabilityEPSS 0.7%CVE-2021-24711—Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRFEPSS 0.7%CVE-2022-22808—A CWE-352: Cross-Site Request Forgery (CSRF) exists that could cause a remote attacker to gain unauthorized access to the product when conduEPSS 0.7%CVE-2020-20726HIGHCross Site Request Forgery vulnerability in Gila GilaCMS v.1.11.4 allows a remote attacker to execute arbitrary code via the cm/update_rows/EPSS 0.7%CVE-2018-7524—A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version EPSS 0.7%CVE-2021-29435HIGHCross-Site Request Forgery (CSRF) in trestle-authEPSS 0.7%CVE-2023-50722CRITICALXWiki Platform XSS/CSRF Remote Code Execution in XWiki.ConfigurableClassEPSS 0.7%CVE-2024-27474HIGHLeantime 3.0.6 is vulnerable to Cross Site Request Forgery (CSRF). This vulnerability allows malicious actors to perform unauthorized actionEPSS 0.7%CVE-2024-32104MEDIUMWordPress NextMove Lite plugin <= 2.18.1 - Cross Site Request Forgery (CSRF) vulnerabilityEPSS 0.7%CVE-2020-36504—WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRFEPSS 0.6%CVE-2022-3427HIGHCorner Ad <= 1.0.56 - Cross-Site Request ForgeryEPSS 0.6%CVE-2019-12636HIGHCisco Small Business Smart and Managed Switches Cross-Site Request Forgery VulnerabilityEPSS 0.6%CVE-2024-48846HIGHCross Side Request Forgery, CSRFEPSS 0.6%CVE-2016-9365HIGHAn issue was discovered in Moxa NPort 5110 versions prior to 2.6, NPort 5130/5150 Series versions prior to 3.6, NPort 5200 Series versions pEPSS 0.6%CVE-2017-6042—A Cross-Site Request Forgery issue was discovered in Sierra Wireless AirLink Raven XE, all versions prior to 4.0.14, and AirLink Raven XT, aEPSS 0.6%CVE-2017-14011—A Cross-Site Request Forgery issue was discovered in ProMinent MultiFLEX M10a Controller web interface. The application does not sufficientlEPSS 0.6%CVE-2021-34645HIGHShopping Cart & eCommerce Store <= 5.1.0 Cross-Site Request Forgery to Stored Cross-Site ScriptingEPSS 0.6%CVE-2024-52002HIGHCross-Site Request Forgery (CSRF) in several iTop pagesEPSS 0.6%