== See
* OWASP - https://owasp.org/Top10/A01_2021-Broken_Access_Control/[Top 10 2021 Category A1 - Broken Access Control]
* CWE - https://cwe.mitre.org/data/definitions/352[CWE-352 - Cross-Site Request Forgery (CSRF)]
* OWASP - https://owasp.org/www-project-top-ten/2017/A6_2017-Security_Misconfiguration[Top 10 2017 Category A6 - Security Misconfiguration]
* OWASP - https://owasp.org/www-community/attacks/csrf[Cross-Site Request Forgery]
* STIG Viewer - https://stigviewer.com/stig/application_security_and_development/2023-06-08/finding/V-222603[Application Security and Development: V-222603] - The application must protect from Cross-Site Request Forgery (CSRF) vulnerabilities.
* PortSwigger - https://portswigger.net/research/web-storage-the-lesser-evil-for-session-tokens[Web storage: the lesser evil for session tokens]