
Tag

#csrf

Online ID Generator 1.0 Cross Site Request Forgery

Online ID Generator version 1.0 suffers from a cross site request forgery vulnerability.

Packet Storm
#csrf #vulnerability #windows #google #java #php #auth #firefox

GHSA-hrf9-rm95-fpf3: Mattermost Cross-Site Request Forgery vulnerability

Mattermost versions 9.9.x <= 9.9.1, 9.5.x <= 9.5.7, 9.10.x <= 9.10.0, 9.8.x <= 9.8.2 fail to sanitize user inputs in the frontend that are used for redirection, which allows a one-click client-side path traversal that leads to CSRF in the User Management page of the System Console.

Online Banking System 1.0 Cross Site Request Forgery

Online Banking System version 1.0 suffers from a cross site request forgery vulnerability.

Music Gallery Site 1.0 Cross Site Request Forgery

Music Gallery Site version 1.0 suffers from a cross site request forgery vulnerability.

Multi-Vendor Online Groceries Management System 1.0 Cross Site Request Forgery

Multi-Vendor Online Groceries Management System version 1.0 suffers from a cross site request forgery vulnerability.

Medical Center Portal 1.0 Cross Site Request Forgery

Medical Center Portal version 1.0 suffers from a cross site request forgery vulnerability.

Event Registration and Attendance System 1.0 Cross Site Request Forgery

Event Registration and Attendance System version 1.0 suffers from a cross site request forgery vulnerability.

Cab Management System 1.0 Cross Site Request Forgery

Cab Management System version 1.0 suffers from a cross site request forgery vulnerability.

GHSA-4crf-28c7-v4gr: OpenShift Console insufficient entropy vulnerability

An insufficient entropy vulnerability was found in the OpenShift Console. In the authorization code type and implicit grant type, the OAuth2 protocol is vulnerable to a Cross-Site Request Forgery (CSRF) attack if the state parameter is used inefficiently. This flaw allows logging into the victim's current application account using a third-party account without any restrictions.

Lost and Found Information System 1.0 Cross Site Request Forgery

Lost and Found Information System version 1.0 suffers from a cross site request forgery vulnerability.