Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

94 advisories

Loading
Moodle has CSRF risk in Feedback non-respondents report High
CVE-2024-43434 was published for moodle/moodle (Composer) Nov 7, 2024
Dolibarr vulnerable to Cross-Site Request Forgery High
CVE-2024-31503 was published for dolibarr/dolibarr (Composer) Apr 17, 2024
Bagisto Cross-Site Request Forgery vulnerability High
CVE-2023-36237 was published for bagisto/bagisto (Composer) Feb 27, 2024
Moodle CSRF risk in analytics management of models High
CVE-2024-34008 was published for moodle/moodle (Composer) May 31, 2024
Moodle CSRF risk in admin preset tool management of presets High
CVE-2024-34001 was published for moodle/moodle (Composer) May 31, 2024
Zend-Navigation vulnerable to Cross-site Scripting High
GHSA-6v7p-5qcq-268c was published for zendframework/zend-navigation (Composer) Jun 7, 2024
Zend-Feed URL Rewrite vulnerability High
GHSA-jmmp-vh96-78rm was published for zendframework/zend-feed (Composer) Jun 7, 2024
Zend-HTTP URL Rewrite vulnerability High
GHSA-cg8w-5jrc-675g was published for zendframework/zend-http (Composer) Jun 7, 2024
silverstripe/graphql Cross-Site Request Forgery vulnerability High
GHSA-wjg9-v8cf-f5q2 was published for silverstripe/graphql (Composer) May 28, 2024
Wikimedia MediaWiki allows CSRF High
CVE-2019-12466 was published for mediawiki/core (Composer) May 24, 2022
eZ Platform CSRF token in login form is disabled by default High
GHSA-45qm-j4m9-whv9 was published for ezsystems/ezplatform (Composer) May 15, 2024
Dolibarr Cross-Site Request Forgery (CSRF) High
CVE-2019-15062 was published for dolibarr/dolibarr (Composer) May 24, 2022
Dolibarr Cross Site Request Forgery (CSRF) High
CVE-2019-1010054 was published for dolibarr/dolibarr (Composer) May 24, 2022
Drupal Cross-Site Request Forgery (CSRF) High
CVE-2017-6379 was published for drupal/core (Composer) May 17, 2022
Moodle vulnerable to Cross-site Request Forgery High
CVE-2023-28335 was published for moodle/moodle (Composer) Mar 23, 2023
Contao CSRF Token Bypass High
CVE-2019-10642 was published for contao/contao (Composer) May 14, 2022
PyroCMS Vulnerable to CSRF High
CVE-2020-25263 was published for pyrocms/pyrocms (Composer) May 24, 2022
ViMbAdmin CSRF Vulnerabilities High
CVE-2017-6086 was published for opensolutions/vimbadmin (Composer) May 17, 2022
Gleez CMS CSRF Allows Adding of Administrator Accounts High
CVE-2018-15845 was published for gleez/cms (Composer) May 14, 2022
Bagisto CSRF Vulnerability High
CVE-2019-14933 was published for bagisto/bagisto (Composer) May 24, 2022
Codiad CSRF Vulnerability High
CVE-2020-14043 was published for codiad/codiad (Composer) May 24, 2022
Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability High
CVE-2019-20390 was published for intelliants/subrion (Composer) May 24, 2022
Duplicate Advisory: Cross-Site Request Forgery in easyii CMS High
CVE-2022-3772 was published for noumo/easyii (Composer) Oct 31, 2022 withdrawn
ThinkCMF Cross Site Request Forgery (CSRF) vulnerability High
CVE-2022-40489 was published for thinkcmf/thinkcmf (Composer) Dec 1, 2022
Grav CMS Cross-Site Request Forgery (CSRF) High
CVE-2020-29553 was published for getgrav/grav (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API