Description
The web application does not sufficiently verify inputs that are assumed to be immutable but are actually externally controllable, such as hidden form fields.
CVE vulnerabilities with CWE-472 (136)
9.8
CVSS
CRITICAL
CVE-2025-43930
pub. 2025-07-07
9.8
CVSS
CRITICAL
CVE-2025-43933
pub. 2025-07-07
9.8
CVSS
CRITICAL
CVE-2024-25153
pub. 2024-03-13
9.8
CVSS
CRITICAL
CVE-2021-1289
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1290
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1291
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1292
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1293
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1294
pub. 2021-02-04
9.8
CVSS
CRITICAL
CVE-2021-1295
pub. 2021-02-04
9.6
CVSS
CRITICAL
CVE-2026-14387
pub. 2026-07-01
9.6
CVSS
CRITICAL
CVE-2026-13796
pub. 2026-06-30
9.6
CVSS
CRITICAL
CVE-2026-11088
pub. 2026-06-04
9.4
CVSS
CRITICAL
CVE-2025-66385
pub. 2025-11-28
9.1
CVSS
CRITICAL
CVE-2026-34751
pub. 2026-04-01
8.8
CVSS
HIGH
CVE-2026-14430
pub. 2026-07-01
8.8
CVSS
HIGH
CVE-2026-13938
pub. 2026-06-30
8.8
CVSS
HIGH
CVE-2026-10963
pub. 2026-06-04
8.8
CVSS
HIGH
CVE-2026-10964
pub. 2026-06-04
8.8
CVSS
HIGH
CVE-2026-10965
pub. 2026-06-04
Showing 20 of 136 vulnerabilities