Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:43 a.m.10 views

CVE-2022-26779

Apache CloudStack prior to 4.16.1.0 used insecure random number generation for project invitation tokens. If a project invite is created based only on an email address, a random token is generated. An attacker with knowledge of the project ID and the fact that the invite is sent, could generate...

7.5CVSS6.7AI score0.02806EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:0 p.m.7 views

CVE-2021-20165

Trendnet AC2600 TEW-827DRU version 2.08B01 does not properly implement csrf protections. Most pages lack proper usage of CSRF protections or mitigations. Additionally, pages that do make use of CSRF tokens are trivially bypassable as the server does not appear to validate them properly i.e...

8.8CVSS7AI score0.00623EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.4 views

PT-2024-13031 · Ibm · Ibm Sterling B2B Integrator Standard Edition

Name of the Vulnerable Software and Affected Versions: IBM Sterling B2B Integrator Standard Edition versions 6.0.0.0 through 6.0.3.8 IBM Sterling B2B Integrator Standard Edition versions 6.1.0.0 through 6.1.2.3 Description: The issue allows attackers to obtain cookie values by sending a http link...

4.3CVSS4.4AI score0.00272EPSS
Exploits0References5
Veracode
Veracode
added 2021/02/22 7:8 a.m.44 views

Insecure Anti-CSRF Tokens

myfaces-impl uses an insecure cryptographic random for anti-CSRF tokens. The usage of the insecure tokens would allow an attacker to predict subsequent anti-CSRF token values and successfully perform requests on behalf of the users...

7.5CVSS3.6AI score0.03026EPSS
Exploits3References5Affected Software1
Cvelist
Cvelist
added 2020/06/02 7:25 p.m.22 views

CVE-2020-13760

In Joomla! before 3.9.19, missing token checks in compostinstall lead to CSRF...

8.7AI score0.00677EPSS
Exploits0References1
OSV
OSV
added 2020/05/05 10:15 p.m.1 views

UBUNTU-CVE-2020-11035

In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated using an insecure algorithm. The implementation uses rand and uniqid and MD5 which does not provide secure values. This is fixed in version 9.4.6...

9.3CVSS7.3AI score0.00782EPSS
Exploits0References3
Rows per page
Query Builder