How do you code against CSRF malicious requests?

Posted by user355950 on Stack Overflow
Published on 2010-06-01T23:54:09Z Indexed on 2010/06/02 0:03 UTC

How to decline malicious requests....

Cross-Site Request Forgery

Severity: Medium

Test Type: Application

Remediation Tasks: Decline malicious requests

Reasoning:

The same request was sent twice in different sessions and the same response was received. This shows that none of the parameters are dynamic (session identifiers are sent only in cookies) and therefore that the application is vulnerable to this issue.

© Stack Overflow or respective owner
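
The scanner finding above comes down to the request carrying nothing tied to the session except the cookie. A synchronizer token is one way to add such a parameter; the sketch below is an added example, not part of the original post, and assumes a PHP 7.3+ application using native sessions (the helper names `csrf_token`, `csrf_field` and `csrf_verify` are hypothetical).

```php
<?php
declare(strict_types=1);

// Defence in depth: keep the session cookie out of script reach and off
// most cross-site requests (array form needs PHP 7.3+).
session_set_cookie_params(['httponly' => true, 'samesite' => 'Lax']);
session_start();

/** Return this session's token, generating it on first use. */
function csrf_token(): string
{
    if (empty($_SESSION['csrf_token'])) {
        $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
    }
    return $_SESSION['csrf_token'];
}

/** Hidden field to embed in every state-changing form. */
function csrf_field(): string
{
    return '<input type="hidden" name="csrf_token" value="'
        . htmlspecialchars(csrf_token(), ENT_QUOTES, 'UTF-8') . '">';
}

/** True only if the submitted value matches the token stored in this session. */
function csrf_verify($submitted): bool
{
    $expected = $_SESSION['csrf_token'] ?? '';
    // is_string() rejects array input such as csrf_token[]=x;
    // hash_equals() compares in constant time.
    return is_string($submitted)
        && $expected !== ''
        && hash_equals($expected, $submitted);
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (!csrf_verify($_POST['csrf_token'] ?? null)) {
        http_response_code(403);
        exit('Request declined: missing or invalid CSRF token.');
    }
    // Token matched: perform the state-changing action here.
    exit('Action performed.');
}
?>
<form method="post">
    <?= csrf_field() ?>
    <button type="submit">Submit</button>
</form>
```

With this check in place, the same POST body replayed in a different session is declined with a 403, because the token it carries belongs to another session. State-changing actions must not be reachable via GET, or the check is bypassed.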
