映射到 CWE-352 的搜索结果 (1435)

CVE-2018-1514(发布:2018-06-07 10:29:00)NM
CVSS6.8

[原文]IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 141622.

CVE-2017-7906(发布:2018-06-06 16:29:00)NM
CVSS6.8

[原文]In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user.

CVE-2017-7635(发布:2018-06-05 17:29:00)NM
CVSS6.8

[原文]QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections.

CVE-2015-7610(发布:2018-05-30 17:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.

CVE-2017-9641(发布:2018-05-25 11:29:00)NMS
CVSS6.8

[原文]PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. OSIsoft recommends that users upgrade to PI Vision 2017 or greater to mitigate this vulnerability.

CVE-2018-1434(发布:2018-05-17 17:29:00)NMPS
CVSS6.8

[原文]IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.

12345678下一页尾页 第1页 / 共240页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站