CWE-652
2 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-652
- CVE-2023-25015 | MEDIUM | CVSS 6.5 | EG 6.5 | 2023-02-02
  Clockwork Web before 0.1.2, when Rails before 5.2 is used, allows CSRF.
- CVE-2023-28676 | HIGH | CVSS 8.8 | EG 8.8 | 2023-04-02
  A cross-site request forgery (CSRF) vulnerability in Jenkins Convert To Pipeline Plugin 1.0 and earlier allows attackers to create a Pipeline based on a Freestyle project, potentially leading to remote code execution (RCE).