Falhas do tipo CWE-352

5.677 resultados
CVE-2021-24504WP LMS <= 1.1.2 - Stored Cross-Site Scripting (XSS)EPSS 0.8%CVE-2024-20718MEDIUM[Spain] CSRF to delete Requisition Lists at Adobe CommerceEPSS 0.8%CVE-2025-28062HIGHA Cross-Site Request Forgery (CSRF) vulnerability was discovered in ERPNEXT 14.82.1 and 14.74.3. The vulnerability allows an attacker to perEPSS 0.8%CVE-2017-5187A Cross-Site Request Forgery (CWE-352) vulnerability in Directory Server (aka Enterprise Server Administration web UI) in Micro Focus EnterpEPSS 0.8%CVE-2017-7423A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 UpdatEPSS 0.8%CVE-2019-1797HIGHCisco Wireless LAN Controller Software Cross-Site Request Forgery VulnerabilityEPSS 0.7%CVE-2022-1788Change Uploaded File Permissions <= 4.0.0 - File Permission Update via CSRFEPSS 0.7%CVE-2022-0196MEDIUMCross-Site Request Forgery (CSRF) in phoronix-test-suite/phoronix-test-suiteEPSS 0.7%CVE-2021-36570HIGHCross Site Request Forgery vulnerability in FUEL-CMS 1.4.13 allows remote attackers to run arbitrary code via post ID to /permissions/deleteEPSS 0.7%CVE-2021-35242HIGHA valid CSRF token is present in response to an invalid requestEPSS 0.7%CVE-2021-25931HIGHIn OpenNMS Horizon, versions opennms-1-0-stable through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through EPSS 0.7%CVE-2025-21193MEDIUMActive Directory Federation Server Spoofing VulnerabilityEPSS 0.7%CVE-2020-15135MEDIUMCSRF vulnerability in save-serverEPSS 0.7%CVE-2021-34619HIGHCross-Site Request Forgery in WooCommerce Stock Manager WordPress PluginEPSS 0.7%CVE-2021-22512Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affecEPSS 0.7%CVE-2021-24565Contact Form 7 Captcha < 0.0.9 - CSRF to Stored XSSEPSS 0.7%CVE-2018-0270A vulnerability in the web-based management interface of Cisco IoT Field Network Director (IoT-FND) could allow an unauthenticated, remote aEPSS 0.7%CVE-2021-21275MEDIUMCSRF in MediaWiki Report extensionEPSS 0.7%CVE-2017-5244Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET requests. Only POST requests should have beenEPSS 0.7%CVE-2021-24626Chameleon CSS <= 1.2 - Subscriber+ SQL InjectionEPSS 0.7%