Statements (72)
Predicate | Object |
---|---|
gptkbp:instance_of | gptkb:software |
gptkbp:bfsLayer | 5 |
gptkbp:bfsParent | gptkb:Forti_Web_Application_Firewall, gptkb:Symfony_Security_Csrf |
gptkbp:addressed | user logout mechanisms |
gptkbp:affects | web applications |
gptkbp:can_lead_to | unauthorized actions |
https://www.w3.org/2000/01/rdf-schema#label | Cross-Site Request Forgery |
gptkbp:investment | data integrity, user accounts, API endpoints, financial transactions, web services, sensitive transactions |
gptkbp:is_known_for | CSRF, XSRF |
gptkbp:is_often_depicted_as | Cross-Site Scripting (XSS) |
gptkbp:is_protected_by | user education, input validation, user awareness training, using HTTPS, CAPTCHA challenges, using secure coding practices, SameSite cookie attribute, anti-CSRF tokens, checking the HTTP Referer header, implementing security best practices, implementing security headers, session management best practices, user agent verification, user session expiration, using multi-factor authentication, using secure frameworks, using secure tokens, using security tokens in forms, validating requests |
gptkbp:is_related_to | session hijacking |
gptkbp:is_used_for | perform actions on behalf of users |
gptkbp:is_utilized_in | form submissions, social engineering tactics, malicious links, JavaScript code, malicious redirects |
gptkbp:is_vulnerable_to | user authentication, HTTP protocol, session management, user trust, phishing attacks, malicious actors, data theft, trust relationships, malicious websites, malicious insiders |
gptkbp:issues | gptkb:Cloud_Computing_Service, gptkb:Educational_Institution, social media platforms, e-commerce sites, online services, web developers, online banking |
gptkbp:recognizes | security audits, monitoring user activity |
gptkbp:requires | user's browser |
gptkbp:threats | user privacy |
gptkbp:type_of | gptkb:terrorist_attack, vulnerability assessment, client-side attack, security breach, web security flaw, remote attack, social engineering attack, web application attack |