CWE-352

GPTKB entity

Statements (26)
| Predicate | Object |
| --- | --- |
| gptkbp:instanceOf | gptkb:Common_Weakness_Enumeration |
| gptkbp:affects | Web Applications |
| gptkbp:category | Security Weakness |
| gptkbp:cause | Data Manipulation, Account Compromise, Unauthorized Actions |
| gptkbp:citation | https://cwe.mitre.org/data/definitions/352.html |
| gptkbp:describes | A web application vulnerability that allows attackers to induce users to perform actions they do not intend to |
| gptkbp:foundIn | gptkb:REST_APIs, gptkb:Single_Page_Applications, gptkb:Web_Forms |
| gptkbp:hasIdol | 352 |
| https://www.w3.org/2000/01/rdf-schema#label | CWE-352 |
| gptkbp:impact | Confidentiality, Integrity, Availability |
| gptkbp:name | Cross-Site Request Forgery (CSRF) |
| gptkbp:partOf | gptkb:CWE |
| gptkbp:prevention | SameSite cookie attribute, Use of anti-CSRF tokens, User authentication for sensitive actions |
| gptkbp:relatedTo | gptkb:OWASP_Top_10, gptkb:CWE-601, gptkb:CWE-863 |
| gptkbp:bfsParent | gptkb:Cross-site_Request_Forgery |
| gptkbp:bfsLayer | 5 |