13 matches found
EUVD-2022-6261
Malicious code in bioql PyPI...
CVE-2020-28191
The console in Togglz before 2.9.4 allows CSRF...
CVE-2020-28191
The console in Togglz before 2.9.4 allows CSRF...
CVE-2020-28191
The console in Togglz before 2.9.4 allows CSRF...
Cross-site request forgery (CSRF)
The console in Togglz before 2.9.4 allows CSRF...
CVE-2020-28191
The console in Togglz before 2.9.4 allows CSRF...
CVE-2020-28191
The CVE-2020-28191 entry concerns Togglz’s console vulnerability: CSRF in Togglz prior to version 2.9.4. The affected component is the Togglz console; root cause is lack of CSRF protection in the console workflow, enabling cross-site request forgery. The impact is high (as per CVSS 3.1: HIGH/CRIT...
CVE-2020-28191
The console in Togglz before 2.9.4 allows CSRF...
Togglz cross-site request forgery vulnerability
Togglz is an open-source Java implementation of the Feature Toggles pattern. A security vulnerability exists in versions of Togglz prior to 2.9.4, which stems from a flaw in its console that allows an attacker to achieve cross-site request forgery...
Togglz console missing cross-site request forgery (CSRF) protection
Togglz is an implementation of the Feature Toggles pattern for Java. There is no CSRF protection in the Togglz console, which could allow an attacker to guess the CSRF token value. Version 2.9.4 adds the necessary CSRF protection...
com.breuninger.boot:spring-boot-starter-breuninger-togglz (>=2.0.0 <=2.0.5.RELEASE), com.oneops:secrets-proxy (>=1.2.0 <=1.5.0) +13 more potentially affected by CVE-2020-28191 via org.togglz:togglz-console (>=0.0.1 <=2.8.0)
org.togglz:togglz-console MAVEN version =0.0.1, =2.0.0, =1.2.0, =1.1, =1.0, =0.29.0, =2.1.0, =0.45.0, =0.45.0, =0.45.0, =0.8.0, =0.19.0, =0.8.0, =1.9.0, =2.2.0.Final, =2.8.0 Source cves: CVE-2020-28191 Source advisory: OSV:GHSA-697V-PXG3-J262...
GHSA-697V-PXG3-J262 Togglz console missing cross-site request forgery (CSRF) protection
Togglz is an implementation of the Feature Toggles pattern for Java. There is no CSRF protection in the Togglz console, which could allow an attacker to guess the CSRF token value. Version 2.9.4 adds the necessary CSRF protection...
PT-2022-8883 · Togglz · Togglz
Name of the Vulnerable Software and Affected Versions: Togglz versions prior to 2.9.4 Description: The issue concerns the lack of CSRF protection in the Togglz console, which could allow an attacker to guess the CSRF token value. This lack of protection makes the console susceptible to Cross-Site...