Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

94 advisories

Loading
Backend Same-Site Request Forgery in TYPO3 CMS High
CVE-2020-11069 was published for typo3/cms (Composer) May 13, 2020
ohader
CSRF issue on preview pages in Bolt CMS High
CVE-2020-4040 was published for bolt/bolt (Composer) Jun 9, 2020
staz0t
Observable Timing Discrepancy in OpenMage LTS High
CVE-2020-15151 was published for openmage/magento-lts (Composer) Aug 19, 2020
Flyingmana theroch
Cross-Site Request Forgery in ForkCMS High
CVE-2020-23960 was published for forkcms/forkcms (Composer) May 6, 2021
Cross-Site Request Forgery in forkcms High
CVE-2020-23264 was published for forkcms/forkcms (Composer) Jun 22, 2021
Cross-Site Request Forgery in GilaCMS High
CVE-2020-20693 was published for gilacms/gila (Composer) Sep 30, 2021
Cross-Site-Request-Forgery in Backend High
CVE-2021-41113 was published for typo3/cms (Composer) Oct 5, 2021
sushiwushi ohader
showdoc is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4017 was published for showdoc/showdoc (Composer) Dec 3, 2021
snipe-it is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4130 was published for snipe/snipe-it (Composer) Jan 5, 2022
livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) High
CVE-2021-4131 was published for remdex/livehelperchat (Composer) Jan 5, 2022
Cross-Site Request Forgery in yetiforce High
CVE-2022-0269 was published for yetiforce/yetiforce-crm (Composer) Jan 27, 2022
Cross Site Request Forgery in Moodle High
CVE-2022-0335 was published for moodle/moodle (Composer) Jan 28, 2022
CSRF token missing in Symfony High
CVE-2022-23601 was published for symfony/framework-bundle (Composer) Feb 1, 2022
jderusse nexxome
ovrflo
Cross Site Request Forgery in concrete5/concrete5 High
CVE-2021-22954 was published for concrete5/concrete5 (Composer) Feb 11, 2022
Cross Site Request Forgery in intelliants/subrion High
CVE-2020-18326 was published for intelliants/subrion (Composer) Mar 5, 2022
Malfunction of CSRF token validation in Shopware High
CVE-2022-24879 was published for shopware/shopware (Composer) Apr 28, 2022
Mautic Cross-Site Request Forgery (CSRF) High
CVE-2017-8874 was published for mautic/core (Composer) May 13, 2022
Bolt Cross Site Request Forgery (CSRF) High
CVE-2019-10874 was published for bolt/bolt (Composer) May 13, 2022
Moodle cross-site request forgery (CSRF) vulnerability High
CVE-2016-2157 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle Cross-site request forgery (CSRF) vulnerability High
CVE-2016-3734 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Moodle multiple cross-site request forgery (CSRF) vulnerabilities High
CVE-2015-5338 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
WPGlobus plugin Stored XSS & CSRF security vulnerability High
CVE-2018-5361 was published for wpglobus/wpglobus (Composer) May 13, 2022
October CMS CSRF High
CVE-2017-16244 was published for october/october (Composer) May 13, 2022
daftspunk
CSRF in baserCMS 3.0.10 and earlier High
CVE-2016-4879 was published for baserproject/basercms (Composer) May 13, 2022
Moodle Login CSRF vulnerability in login form High
CVE-2018-16854 was published for moodle/moodle (Composer) May 13, 2022
ProTip! Advisories are also available from the GraphQL API