映射到 CWE-352 的搜索结果 (1324)

CVE-2016-0356(发布:2017-08-29 14:29:00)NM
CVSS4.0

[原文]IBM Sametime Enterprise Meeting Server 8.5.2 and 9.0 could allow an authenticated user that has been invited to a Sametime meeting room, to cause the screen sharing to cease through the use of cross-site request forgery. IBM X-Force ID: 111895.

CVE-2016-2965(发布:2017-08-29 14:29:00)NM
CVSS4.3

[原文]IBM Sametime Meeting Server 8.5.2 and 9.0 is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading a user to visit a malicious link, a remote attacker could force the user to log out of Sametime. IBM X-Force ID: 113846.

CVE-2015-3655(发布:2017-08-29 11:29:00)NMS
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote attackers to hijack the authentication of administrators by leveraging improper enforcement of the anti-CSRF token.

CVE-2014-8900(发布:2017-08-28 11:29:00)NMC
CVSS6.8

[CNNVD]IBM UrbanCode Release 跨站请求伪造漏洞--IBM UrbanCode Release(UCR)是美国IBM公司的一套用于管理多个相关应用发行及其部署的协作发行软件平台。该平台支持在生命周期模型的每个阶段规划、执行和追踪软件的发行。 IBM UCR中存在跨站请求伪造漏洞,该漏洞源于程序没有正确验证HTTP请求。远程攻击者可...

CVE-2017-7926(发布:2017-08-25 15:29:00)NMS
CVSS6.8

[原文]A Cross-Site Request Forgery issue was discovered in OSIsoft PI Web API versions prior to 2017 (1.9.0). The vulnerability allows cross-site request forgery (CSRF) attacks to occur when an otherwise-unauthorized cross-site request is sent from a browser the server has previously authenticated.

CVE-2015-5258(发布:2017-08-22 14:29:00)NM
CVSS6.8

[原文]Cross-site request forgery (CSRF) vulnerability in springframework-social before 1.1.3.

首页上一页56789101112下一页尾页 第7页 / 共221页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站