How do you code against CSRF malicious requests?
Posted
by user355950
on Stack Overflow
See other posts from Stack Overflow
or by user355950
Published on 2010-06-01T23:54:09Z
Indexed on
2010/06/02
0:03 UTC
Read the original article
Hit count: 1191
how to Decline malicious requests....
Cross-Site Request Forgery
Severity: Medium
Test Type: Application
Remediation Tasks: Decline malicious requests
Reasoning:
The same request was sent twice in different sessions and the same response was received. This shows that none of the parameters are dynamic (session identifiers are sent only in cookies) and therefore that the application is vulnerable to this issue.
© Stack Overflow or respective owner