4 matches found
CVE-2026-8435
Concrete CMS is affected: versions 9.0–9.4.x are vulnerable to Cross-Site Request Forgery in the approveVersion() endpoint located at concrete/controllers/backend/file. The issue is CSRF due to lack of proper request binding; exploitation would require user interaction. Remediation provided in so...
PT-2021-16151 · WordPress · Visual Link Preview
Name of the Vulnerable Software and Affected Versions: Visual Link Preview WordPress plugin versions prior to 2.2.3 Description: The issue allows any authenticated user to call several AJAX actions without proper authorization, due to the CSRF nonce being displayed for all authenticated users. Th...
CVE-2018-7677
A CSRF exposure exists in NetIQ Access Manager NAM 4.4 Identity Server component...
CVE-2018-7677
The CVE-2018-7677 entry applies to NetIQ Access Manager (NAM) 4.4 Identity Server component. The vulnerability arises because HTTP requests are not properly validated, creating a cross-site request forgery (CSRF) exposure. This allows an attacker to perform unauthorized operations against the aff...