Statements (23)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybersecurity attack
|
| gptkbp:affects |
web applications
|
| gptkbp:can_be_executed_via |
malicious links
malicious forms |
| gptkbp:cause |
data theft
account compromise unauthorized actions |
| gptkbp:do_not_require |
user interaction with attacker site
|
| gptkbp:documentedIn |
gptkb:OWASP
|
| gptkbp:exploits |
trust of a website in a user's browser
|
| gptkbp:firstDescribed |
2001
|
| gptkbp:fullName |
gptkb:Cross-Site_Request_Forgery_attacks
|
| https://www.w3.org/2000/01/rdf-schema#label |
CSRF attacks
|
| gptkbp:prevention |
gptkb:CSRF_tokens
gptkb:SameSite_cookies checking Referer header user logout |
| gptkbp:relatedTo |
gptkb:XSS_attacks
session management |
| gptkbp:requires |
authenticated user session
|
| gptkbp:target |
state-changing requests
|
| gptkbp:bfsParent |
gptkb:HTTP_POST
|
| gptkbp:bfsLayer |
5
|