CVE-2023-5036 - Exploiting CSRF in usememos/memos (Before .15.1)
If you use the open-source project memos, you should be aware of a critical security flaw tracked as CVE-2023-5036. In versions before .15.1, there
CVE-2023-2848 - How a Missing Header Let Attackers Hijack WebSockets in Movim (Pre-.22)
In the world of open-source social networking, security can sometimes be overlooked. That happened in Movim, a decentralized social platform built on XMPP. Before version
CVE-2023-41935 - Exploiting Timing Attacks in Jenkins Azure AD Plugin (396.v86ce29279947 and Earlier)
Jenkins is a widely used automation server for building, testing, and deploying software projects. With countless plugins for integration, security is always a top concern.
CVE-2023-41931 - Exploiting Jenkins Job Configuration History Plugin XSS Vulnerability (Detailed Walkthrough)
Jenkins is one of the most widely used open-source automation servers for continuous integration and continuous delivery (CI/CD). Plugins expand Jenkins features but sometimes
CVE-2023-41942 - How a CSRF Flaw in Jenkins AWS CodeCommit Trigger Plugin Lets Attackers Clear SQS Queues
Jenkins is widely used for automation, and the AWS CodeCommit Trigger Plugin adds the ability to hook up AWS CodeCommit events with Jenkins jobs. But,