Statements (26)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:Common_Weakness_Enumeration
|
| gptkbp:affects |
Web Applications
|
| gptkbp:category |
Security Weakness
|
| gptkbp:cause |
Data Manipulation
Account Compromise Unauthorized Actions |
| gptkbp:citation |
https://cwe.mitre.org/data/definitions/352.html
|
| gptkbp:describes |
A web application vulnerability that allows attackers to induce users to perform actions they do not intend to
|
| gptkbp:foundIn |
gptkb:REST_APIs
gptkb:Single_Page_Applications gptkb:Web_Forms |
| gptkbp:hasIdol |
352
|
| https://www.w3.org/2000/01/rdf-schema#label |
CWE-352
|
| gptkbp:impact |
Confidentiality
Integrity Availability |
| gptkbp:name |
Cross-Site Request Forgery (CSRF)
|
| gptkbp:partOf |
gptkb:CWE
|
| gptkbp:prevention |
SameSite cookie attribute
Use of anti-CSRF tokens User authentication for sensitive actions |
| gptkbp:relatedTo |
gptkb:OWASP_Top_10
gptkb:CWE-601 gptkb:CWE-863 |
| gptkbp:bfsParent |
gptkb:Cross-site_Request_Forgery
|
| gptkbp:bfsLayer |
5
|