CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.
Official CWE-352 definition at MITREImpactr finds and proves weaknesses like CWE-352 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist