Robuta

https://owasp.org/www-community/attacks/csrf
Cross Site Request Forgery (CSRF) | OWASP Foundation
Cross Site Request Forgery (CSRF) on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

https://devhub.checkmarx.com/cve-details/cve-2020-15152/
Server-Side Request Forgery (SSRF) in ftp-srv - CVE-2020-15152 - DevHub
Apr 9, 2023 - ftp-srv before 2.19.6, 3.x before 3.1.2, and 4.x before 4.3.4 are vulnerable to Server-Side Request Forgery. The PORT command allows arbitrary IPs which can be...

https://www.drupal.org/sa-contrib-2023-015
File Chooser Field - Moderately critical - Server Side Request Forgery, Information Disclosure -...
Aug 10, 2023 - The File Chooser Field allows users to upload files using 3rd party plugins such as Google Drive and Dropbox. This module fails to validate user input...

https://guard-api.com/guides/how-to-fix-ssrf-in-codeigniter/
Fix SSRF (Server Side Request Forgery) in CodeIgniter | GuardAPI Security Guide

https://guard-api.com/guides/how-to-fix-ssrf-in-phalcon/
Fix SSRF (Server Side Request Forgery) in Phalcon | GuardAPI Security Guide

https://app-attack-matrix.com/techniques/Payload%20Execution/Request%20Forgery/subtechniques/CSRF/
Cross-Site Request Forgery (CSRF) - Application Security Tactics & Techniques Matrix

https://advisories.gitlab.com/nuget/umbracocms.core/CVE-2020-7210/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2020-7210 Cross-Site Request Forgery (CSRF): Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts.

https://patchstack.com/database/wordpress/plugin/aruba-hispeed-cache/vulnerability/wordpress-aruba-hispeed-cache-plugin-3-0-4-cross-site-request-forgery-to-plugin-settings-reset-vulnerability
Cross Site Request Forgery (CSRF) in WordPress Aruba HiSpeed Cache Plugin - Patchstack
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.

https://advisories.gitlab.com/maven/org.jenkins-ci.plugins/codedx/CVE-2023-2631/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2023-2631 Cross-Site Request Forgery (CSRF): A missing permission check in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers with Overall/Read...

https://security.snyk.io/vuln/SNYK-PHP-THORSTENPHPMYFAQ-72051
Cross-Site Request Forgery (CSRF) in thorsten/phpmyfaq | CVE-2017-15735 | Snyk
High severity (8.8) Cross-Site Request Forgery (CSRF) in thorsten/phpmyfaq | CVE-2017-15735

https://auth-wiki.logto.io/csrf
What is Cross-site request forgery (CSRF)? · Auth Wiki
Cross-site request forgery (CSRF) is an attack that deceives users into executing unwanted actions on a web application in which they are authenticated. It is...

https://advisories.gitlab.com/maven/org.apache.xmlgraphics/batik/CVE-2022-38398/
Apache Batik Server-Side Request Forgery | GitLab Advisory Database (GLAD)
CVE-2022-38398 Apache Batik Server-Side Request Forgery : Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker...

https://advisories.gitlab.com/maven/com.jfinal/jfinal/CVE-2023-49374/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2023-49374 Cross-Site Request Forgery (CSRF): JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...

https://advisories.gitlab.com/maven/org.jenkins-ci.main/jenkins-core/CVE-2025-27624/
Jenkins cross-site request forgery (CSRF) vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-27624 Jenkins cross-site request forgery (CSRF) vulnerability: Jenkins 2.499 and earlier, LTS 2.492.1 and earlier does not require POST requests for...

https://advisories.gitlab.com/maven/org.apache.xmlgraphics/batik-dom/CVE-2022-40146/
Server-Side Request Forgery (SSRF) | GitLab Advisory Database (GLAD)
CVE-2022-40146 Server-Side Request Forgery (SSRF): Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to...

https://advisories.gitlab.com/maven/org.jenkins-ci.plugins/teamconcert/CVE-2019-16565/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2019-16565 Cross-Site Request Forgery (CSRF): A cross-site request forgery vulnerability in Jenkins Team Concert Plugin 1.3.0 and earlier allows attackers...

https://devhub.checkmarx.com/cve-details/cve-2017-3877/
Cross-Site Request Forgery (CSRF) - CVE-2017-3877 - DevHub
May 9, 2023 - A vulnerability in the web framework of Cisco Unified Communications Manager (CallManager) could allow an unauthenticated, remote attacker to conduct a...

https://advisories.gitlab.com/pypi/ethyca-fides/CVE-2023-46124/
Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload | GitLab Advisory...
CVE-2023-46124 Fides Server-Side Request Forgery Vulnerability in Custom Integration Upload: Impact The Fides web application allows a custom integration to be...

https://www.drupal.org/sa-core-2020-004
Drupal core - Critical - Cross Site Request Forgery - SA-CORE-2020-004 | Drupal.org
Aug 21, 2022 - The Drupal core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.

https://michalszalkowski.com/pentesting-web/vulnerabilities/cross-site-request-forgery-CSRF/
Cross Site Request Forgery (CSRF) - MichalSzalkowski.com

https://advisories.gitlab.com/composer/bagisto/bagisto/CVE-2023-36237/
Bagisto Cross-Site Request Forgery vulnerability | GitLab Advisory Database (GLAD)
CVE-2023-36237 Bagisto Cross-Site Request Forgery vulnerability: Cross Site Request Forgery vulnerability in Bagisto before v.1.3.2 allows an attacker to...

https://mailarchive.ietf.org/arch/msg/quic-issues/nySpgdabBSOGCvrB6U5kWvZ9AD0/
Re: [quicwg/base-drafts] Document request forgery (#3996)
Search IETF mail list archives

https://www.dotnetfunda.com/interviews/show/7230/what-is-cross-site-request-forgery-csrf-in-web-application
What is cross site request forgery (CSRF) in web a ... - DotNetFunda.com
Cross Site Request Forgery (CSRF) is a type of attack on the web application or on the website where a malicious user can insert or update data on behalf of

https://devhub.checkmarx.com/cve-details/cve-2012-3532/
Cross-Site Request Forgery (CSRF) - CVE-2012-3532 - DevHub
Cross-site request forgery (CSRF) vulnerability in the GateIn Portal component in JBoss Enterprise Portal Platform 5.2.2 and earlier allows remote attackers to...

https://docs.escape.tech/documentation/reference/vulnerabilities/ssrf_agent/
Server-Side Request Forgery - Escape Documentation
Replace legacy scanners and manual offensive security processes with AI agents that discover, test, and remediate directly in your engineering workflows.

https://devhub.checkmarx.com/cve-details/cve-2020-36504/
Cross-Site Request Forgery (CSRF) - CVE-2020-36504 - DevHub
May 9, 2023 - The WP-Pro-Quiz WordPress plugin through 0.37 does not have CSRF check in place when deleting a quiz, which could allow an attacker to make a logged in admin...

https://devhub.checkmarx.com/cve-details/cve-2020-14023/
Server-Side Request Forgery (SSRF) - CVE-2020-14023 - DevHub
May 9, 2023 - Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

https://advisories.gitlab.com/maven/org.jenkins-ci.plugins/testquality-updater/CVE-2023-24452/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2023-24452 Cross-Site Request Forgery (CSRF): A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater Plugin 1.3 and earlier...

https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_(SSRF)/
A10 Server Side Request Forgery (SSRF) - OWASP Top 10:2021

https://security.snyk.io/vuln/SNYK-PHP-THORSTENPHPMYFAQ-72056
Cross-Site Request Forgery (CSRF) in thorsten/phpmyfaq | CVE-2017-15808 | Snyk
High severity (8.8) Cross-Site Request Forgery (CSRF) in thorsten/phpmyfaq | CVE-2017-15808

https://docs.datadoghq.com/security/default_rules/def-000-dmz/
Route vulnerable to Server-Side Request Forgery (SSRF)
Datadog, the leading service for cloud-scale monitoring.

https://www.pluginvulnerabilities.com/2019/08/09/cross-site-request-forgery-csrf-cross-site-scripting-xss-vulnerability-in-social-likebox-feed/
Cross-Site Request Forgery (CSRF)/Cross-Site Scripting (XSS) Vulnerability in Social LikeBox & Feed...

https://rosecurify.com/advisories/RO-26-001-mailpit-server-side-request-forgery-ssrf/
Mailpit - Server-Side Request Forgery (SSRF) · Rosecurify

https://advisories.gitlab.com/maven/org.jenkins-ci.plugins/matlab/CVE-2023-49655/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2023-49655 Cross-Site Request Forgery (CSRF): A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows...

https://pentest-tools.com/vulnerabilities-exploits/lollms-webui-server-side-request-forgery_29191
LoLLMs WEBUI - Server-Side Request Forgery (CVE-2026-33340) - Vulnerability & Exploit Database
Attackers can access internal services, scan local networks, or exfiltrate sensitive cloud metadata, potentially leading to data exposure and further...

https://docs.countersoft.com/cross-site-request-forgery/
Cross-site Request Forgery | Gemini Documentation
Product documentation for Countersoft Gemini, Sentry, Breeze, Saucery and Microsoft integrations

https://advisories.gitlab.com/maven/com.jfinal/jfinal/CVE-2023-49383/
Cross-Site Request Forgery (CSRF) | GitLab Advisory Database (GLAD)
CVE-2023-49383 Cross-Site Request Forgery (CSRF): JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via...

https://advisories.gitlab.com/pypi/mlflow/CVE-2025-1473/
MLflow Cross-Site Request Forgery (CSRF) vulnerability | GitLab Advisory Database (GLAD)
CVE-2025-1473 MLflow Cross-Site Request Forgery (CSRF) vulnerability: A Cross-Site Request Forgery (CSRF) vulnerability exists in the Signup feature of...

https://securityvulnerability.io/vulnerability/CVE-2024-12376
CVE-2024-12376 : Server-Side Request Forgery Vulnerability in lm-sys/fastchat Web Server
Aug 1, 2025 - Discover the SSRF vulnerability affecting lm-sys/fastchat web server. Learn how it can expose critical internal resources.

https://advisories.gitlab.com/composer/phpoffice/phpexcel/CVE-2024-45290/
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX...
CVE-2024-45290 PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file: It's possible for an attacker to construct...

https://www.exploit-db.com/exploits/45532
Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin) - Hardware webapps...
Oct 5, 2018 - Netis ADSL Router DL4322D RTK 2.1.1 - Cross-Site Request Forgery (Add Admin).. webapps exploit for Hardware platform

https://krbdev.mit.edu/rt/Ticket/?ForceShowHistory=1;ShowHeaders=1;id=7742
Possible cross-site request forgery

https://advisories.gitlab.com/pypi/open-webui/CVE-2025-65958/
Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in...
CVE-2025-65958 Open WebUI vulnerable to Server-Side Request Forgery (SSRF) via Arbitrary URL Processing in /api/v1/retrieval/process/web: A Server-Side Request...

https://advisories.gitlab.com/composer/statamic/cms/CVE-2026-28423/
Statamic Vulnerable to Server-Side Request Forgery via Glide | GitLab Advisory Database (GLAD)
CVE-2026-28423 Statamic Vulnerable to Server-Side Request Forgery via Glide: When Glide image manipulation is used in insecure mode (which is not the default),...

https://securitylab.github.com/advisories/GHSL-2023-067_servicenow-devops-plugin_Jenkins_plugin/
GHSL-2023-067: Server-Side Request Forgery (SSRF) in jenkinsci/servicenow-devops-plugin -...
Aug 25, 2023 - A Server-Side Request Forgery (SSRF) vulnerability in jenkinsci/servicenow-devops-plugin allows the leak of sensitive credentials to an attacker-controlled...

https://www.invicti.com/web-application-vulnerabilities/wordpress-plugin-import-export-customizer-settings-cross-site-request-forgery-1-0-3
WordPress Plugin Import/Export Customizer Settings Cross-Site Request Forgery (1.0.3) - Web...
WordPress Plugin Import/Export Customizer Settings is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a... WordPress...

https://spring.io/security/cve-2026-22742/
CVE-2026-22742: Server-Side Request Forgery in BedrockProxyChatModel via Unvalidated Media URL...
Level up your Java code and explore what Spring can do for you.

https://krbdev.mit.edu/rt/Ticket/?HideUnsetFields=1;id=8599
Possible cross-site request forgery

https://krbdev.mit.edu/rt/Ticket/?HideUnsetFields=1;id=9108
Possible cross-site request forgery

https://www.exploit-db.com/exploits/44938
Ecessa ShieldLink SL175EHQ 10.7.4 - Cross-Site Request Forgery (Add Superuser) - Hardware webapps...