Code vulnerable to cross-site request forgery (CSRF)
Overview
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a vulnerability that enables attackers to send unauthorised commands that exploit a user's session. Unlike cross-site scripting (XSS), which exploits the trust a user has in a particular site, CSRF exploits the trust that a site has in a user's browser.
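How this commonly shows up in Salesforce code, as an added example that is not Clayton's or this page's own code: a Visualforce controller that changes data while the page loads, next to a version that changes data only on a form postback. The class names, page names and markup are hypothetical, and the example assumes a Visualforce page with a custom Apex controller.

```apex
// Constructed example: class names, page names and markup are hypothetical.
// Each class would live in its own .cls file.

// VULNERABLE. Page markup:
//   <apex:page controller="CleanupOnLoadController" action="{!removeOnLoad}"/>
// The action attribute runs on the initial GET, which carries no anti-CSRF
// token. Any cross-site request for this page with an id parameter deletes
// the record using the logged-in user's session.
public with sharing class CleanupOnLoadController {
    public PageReference removeOnLoad() {
        String recordId = ApexPages.currentPage().getParameters().get('id');
        delete [SELECT Id FROM Account WHERE Id = :recordId];
        return null;
    }
}

// HARDENED. Page markup:
//   <apex:page controller="CleanupConfirmController">
//     <apex:form>
//       <apex:pageMessages/>
//       <apex:outputText value="Delete {!target.Name}?"/>
//       <apex:commandButton value="Delete" action="{!remove}"/>
//     </apex:form>
//   </apex:page>
// The GET only reads. The delete runs on the <apex:form> postback, which
// Visualforce rejects unless it carries the page's hidden anti-CSRF token.
public with sharing class CleanupConfirmController {
    public Account target { get; private set; }

    public CleanupConfirmController() {
        String recordId = ApexPages.currentPage().getParameters().get('id');
        List<Account> rows = [SELECT Id, Name FROM Account WHERE Id = :recordId LIMIT 1];
        target = rows.isEmpty() ? null : rows[0];
    }

    public PageReference remove() {
        if (target == null || !Schema.sObjectType.Account.isDeletable()) {
            ApexPages.addMessage(new ApexPages.Message(
                ApexPages.Severity.ERROR, 'Nothing to delete or not permitted.'));
            return null;
        }
        delete target;
        target = null; // record is gone; stay on the page
        return null;
    }
}
```

When reviewing existing code, the same pattern to look for is any DML reachable from a controller constructor or from the `action` attribute of `<apex:page>`.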
Business Impact
Increased risk of data breaches, financial loss, and reputational harm, along with eroded customer trust and confidence.
Is your Salesforce solution affected by Code vulnerable to cross-site request forgery (CSRF)?
Clayton detects anti-patterns and offers automated fix advice to kickstart your Well-Architected journey.