CVE-2023-7045 - How a CSRF Flaw in GitLab Let Attackers Steal Anti-CSRF Tokens via Kubernetes Agent Server
In late 2023, a critical security vulnerability—CVE-2023-7045—was found in major versions of GitLab Community Edition (CE) and Enterprise Edition (EE). Spanning from version
CVE-2024-35560 - CSRF Vulnerability in idccms v1.35 – Full Exploit & Analysis
Date Reported: June 2024
Severity: High
Vulnerability Type: Cross-Site Request Forgery (CSRF)
Affected Software: idccms v1.35
Vulnerable Component: /admin/ca_deal.php?mudi=del&
CVE-2024-35554 - Exploiting CSRF in idccms v1.35's NewsWeb Delete Endpoint
Summary:
In June 2024, a Cross-Site Request Forgery (CSRF) vulnerability was found in idccms v1.35. Bad actors can exploit it to make unwanted changes
CVE-2023-44478 - How a CSRF Vulnerability in WP Hive Events Rich Snippets for Google Allows Attackers to Exploit Trusted Credentials
Discovered in 2023, CVE-2023-44478 shocked website owners who used the WP Hive “Events Rich Snippets for Google” WordPress plugin. This cross-site request forgery (CSRF) vulnerability
CVE-2024-4597 - Exploiting GitLab EE SAML CSRF to Force Merge Request Approval
GitLab EE (Enterprise Edition) is well-known in the DevOps world, powering workflows and helping teams ship software faster. But with great popularity comes scrutiny—and