| Details | |
|---|---|
| Alert ID | 100005 |
| Alert Type | Script Passive |
| Status | alpha |
| Risk | Informational |
| CWE | 352 |
| WASC | 9 |
| Technologies Targeted | All |
| Tags |
CWE-352 |
| More Info |
Scan Rule Help |
Summary
Solution
CSRF possible vulnerabilities presents on the site will be mitigated depending on the browser used by the user (browser defines the support level for this cookie attribute).Other Info
References
- https://tools.ietf.org/html/draft-west-first-party-cookies
- https://chloe.re/2016/04/13/goodbye-csrf-samesite-to-the-rescue