Cross-site Request Forgery

The application was found vulnerable to Cross Site Request Forgery (CSRF) attacks.


CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. The browser automatically attaches the user's ambient credentials (session cookies, HTTP authentication) to any request it sends to the target site, including requests triggered by a page the attacker controls. An application susceptible to this attack has no way to distinguish legitimate requests from forged ones, because a forged request carries exactly the same credentials as a legitimate one.

Impact

A CSRF vulnerability allows an attacker to make the victim's browser send state-changing requests on the victim's behalf, without the victim noticing, in order to alter stored user data or perform sensitive actions. For example, a CSRF vulnerability may be used to change the user's access credentials, such as their password or the e-mail address used for password recovery, giving the attacker control of the account.

Solution

URLs and forms that perform important operations must be protected by random, unpredictable tokens (hidden nonce values) that are generated server-side and bound to the user's session. The server must verify that the token submitted with the request matches the one issued to that session before the request is processed, and must reject the request if the token is missing or does not match. Verifying the session cookie alone is not sufficient, since the browser sends it with forged requests as well. Additionally, state-changing operations should only be accepted via POST (never GET), and setting the session cookie with the SameSite attribute adds defence in depth, but does not replace token validation.
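The following is an added example, not code from the original page or any particular product: a minimal, in-memory model of the synchronizer-token pattern described above, with the vulnerable handler beside the hardened one. The session store, the endpoint name `/change-password`, the form field names and the `allowed_origin` value are all assumptions made for the illustration.

```python
import hmac
import secrets

# Constructed in-memory session store: session_id -> session data.
# A real application would keep this in its session backend.
SESSIONS = {}

ALLOWED_ORIGIN = "https://app.example"  # assumed origin of the legitimate site


def new_session(user):
    """Create a session for `user`, issuing one random CSRF token bound to it."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {
        "user": user,
        "csrf_token": secrets.token_urlsafe(32),  # unpredictable, per session
        "password": None,
    }
    return sid


def csrf_token_for(sid):
    """Token the legitimate page embeds as a hidden field for this session."""
    return SESSIONS[sid]["csrf_token"]


def render_change_password_form(sid):
    """The form the real site serves: the hidden nonce travels with the request."""
    return (
        '<form method="POST" action="/change-password">'
        f'<input type="hidden" name="csrf_token" value="{csrf_token_for(sid)}">'
        '<input name="new_password"><button>Save</button>'
        "</form>"
    )


def handle_change_password_vulnerable(cookie_sid, form, origin=None):
    """VULNERABLE: trusts the session cookie alone. A form auto-submitted from
    an attacker's page carries the victim's cookie, so this accepts forgeries."""
    session = SESSIONS.get(cookie_sid)
    if session is None:
        return 401, "not authenticated"
    if "new_password" not in form:
        return 400, "missing field"
    session["password"] = form["new_password"]
    return 200, "password changed"


def handle_change_password(cookie_sid, form, origin=None):
    """HARDENED: the same endpoint, but the hidden token must match the one
    issued to this session. The attacker's page cannot read the victim's
    token (same-origin policy), so it cannot produce a matching value."""
    session = SESSIONS.get(cookie_sid)
    if session is None:
        return 401, "not authenticated"
    # Defence in depth: if the browser sent an Origin header, it must be ours.
    if origin is not None and origin != ALLOWED_ORIGIN:
        return 403, "cross-origin request rejected"
    submitted = str(form.get("csrf_token", "")).encode("utf-8")
    expected = session["csrf_token"].encode("utf-8")
    # Constant-time comparison so a timing side channel cannot leak the token.
    if not hmac.compare_digest(submitted, expected):
        return 403, "invalid CSRF token"
    if "new_password" not in form:
        return 400, "missing field"
    session["password"] = form["new_password"]
    return 200, "password changed"


def demo():
    """Replay a legitimate submission and a forged one against both handlers."""
    victim = new_session("alice")
    # Forged request: attacker's page auto-submits a form; the browser adds
    # alice's cookie, but the attacker has no way to know her token.
    forged = {"new_password": "attacker-chosen"}
    legit = {"new_password": "alice-chosen", "csrf_token": csrf_token_for(victim)}
    return {
        "vulnerable_forged": handle_change_password_vulnerable(victim, forged)[0],
        "hardened_forged": handle_change_password(victim, forged)[0],
        "hardened_guessed": handle_change_password(
            victim, {**forged, "csrf_token": "guess"})[0],
        "hardened_legit": handle_change_password(victim, legit)[0],
        "hardened_bad_origin": handle_change_password(
            victim, legit, origin="https://evil.example")[0],
    }


if __name__ == "__main__":
    print(demo())
```

Note that the token is issued per session here; issuing a fresh token per form is also common and narrows the window in which a leaked token is useful. Whichever is chosen, the token must never be sent in a cookie alone (the browser would forward it just like the session cookie) and must never be derivable from values an attacker can obtain.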

Caveats

CSRF is a vulnerability that stems from the design of the Web's protocols rather than from a single coding mistake. HTTP is stateless, so applications keep track of an authenticated user with ambient credentials, most often a session cookie, and the browser attaches those credentials to every request destined for the site regardless of which page caused the request. CSRF would not exist if authentication state were tied to the connection or to the originating page instead of being sent automatically with each request. Because the protocol does not provide this, the application itself must add a per-request or per-session secret that a cross-site page cannot obtain, which is what the token-based solution above does.
