CSRF

CSRF vulnerability with no defenses CSRF where token validation depends on request method CSRF where token validation depends on token being present CSRF where token is not tied to user session CSRF where token is tied to non-session cookie CSRF where token is duplicated in cookie SameSite Lax bypass via method override SameSite Strict bypass via client-side redirect SameSite Strict bypass via sibling domain SameSite Lax bypass via cookie refresh CSRF where Referer validation depends on header being present CSRF with broken Referer validation

PreviousReflected DOM XSS NextCSRF vulnerability with no defenses

Last updated 5 months ago