Detectify
Knowledge Base

Back to Knowledge Base

Support Center

CSRF

Last Updated: Sep 05, 2017 05:05PM CEST

An attacker can force the user to submit data of the attacker’s choice. In short, the attacker can make changes and post data on behalf of the user.

What can happen?

The impact depends on the kind of input that is vulnerable against CSRF. A common example is to change settings, e.g. disabling authorisation, changing passwords or emails, etc.

When the vulnerable field s the login field, this vulnerability is called Login CSRF. Our article explaining Login CSRF covers some additional examples. 

Code example and remediation

See our article about Login CSRF for code example and remediation: http://support.detectify.com/customer/portal/articles/1969819-login-csrf



Video

Resources

support@detectify.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete