Detections
Analytics
Login Form Cross-Site Request Forgery
low Web App Scanning Plugin ID 113332
Language:
Synopsis
Login Form Cross-Site Request ForgeryDescription
Cross Site Request Forgery (CSRF) occurs when an user is tricked into clicking on a link which would automatically submit a request without the user's consent.This can be made possible when the request does not include an anti-CSRF token, generated each time the request is visited and passed when the request is submitted, and which can be used by the web application backend to verify that the request originates from a legitimate user.
Exploiting requests vulnerable to Cross-Site Request Forgery requires different factors:
- The request must perform a sensitive action.
- The attacker must make the victim click on a link to send the request without their consent.
The exploitation of this vulnerability will in most cases have a very limited impact. However, it is possible to create complex scenarios in case the application is also vulnerable to Cross-Site Scripting.
Solution
Update the application by adding support of anti-CSRF tokens on this login form.Most web frameworks provide either built-in solutions or have plugins that can be used to easily add these tokens to any form. Check the references for possible solutions provided for the most known frameworks.
See Also
http://en.wikipedia.org/wiki/Cross-site_request_forgery
http://www.cgisecurity.com/csrf-faq.html
https://codex.wordpress.org/WordPress_Nonces
https://docs.djangoproject.com/en/1.11/ref/csrf/
https://docs.joomla.org/How_to_add_CSRF_anti-spoofing_to_forms
https://symfony.com/doc/current/form/csrf_protection.html
https://www.nccgroup.trust/globalassets/our-research/us/whitepapers/csrf_paper.pdf
https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)
https://www.owasp.org/index.php/Testing_for_CSRF_(OTG-SESS-005)
Plugin Details
Severity: Low
ID: 113332
Type: remote
Family: Cross Site Request Forgery
Published: 8/8/2022
Updated: 1/17/2023
Scan Template: full, pci, scan
Risk Information
VPR
Risk Factor: Low
Score: 2.2
CVSS v2
Risk Factor: Low
Base Score: 2.6
Vector: CVSS2#AV:N/AC:H/Au:N/C:N/I:P/A:N
CVSS Score Source: Tenable
CVSS v3
Risk Factor: Low
Base Score: 3.1
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
CVSS Score Source: Tenable
Reference Information
CWE: 352
OWASP: 2010-A5, 2013-A8, 2021-A1
WASC: Cross-Site Request Forgery
DISA STIG: APSC-DV-002500
HIPAA: 164.306(a)(1), 164.306(a)(2)
ISO: 27001-A.12.6.1, 27001-A.14.2.5
NIST: sp800_53-SI-10(5)
OWASP API: 2019-API7, 2023-API8
OWASP ASVS: 4.0.2-4.2.2
PCI-DSS: 3.2-6.5.9