Security Test: GET based CSRF¶

Description¶

Default Severity:

GET based CSRF happens when an attacker tricks a user's browser into making a GET request that changes data or state on a site where the user is already logged in. Because browsers send along cookies automatically, even a hidden, seemingly simple GET can perform actions like modifying data or revealing sensitive information. This vulnerability typically crops up when developers use GET requests for actions that should really modify state, like updating user settings, rather than just retrieving data. The risk is that an unsuspecting user, while browsing another site, might trigger these harmful GET requests, leading to unauthorized transactions or data breaches. Developers should be wary of using GET for anything that changes data and always separate read actions from state-changing ones.

Reference:

https://blog.doyensec.com/2021/05/20/graphql-csrf.html

Configuration¶

Identifier: frontend_request_forgery/csrf_get_based

Examples¶

All configuration available:

checks:
  frontend_request_forgery/csrf_get_based:
    skip: false # default

Compliance and Standards¶

Standard	Value
OWASP API Top 10	API2:2023
OWASP LLM Top 10	LLM06:2023
PCI DSS	`6.5.9`
GDPR	`Article-32`
SOC2	`CC1`
PSD2	`Article-95`
ISO 27001	`A.14.2`
NIST	`SP800-53`
FedRAMP	`SC-7`
CWE	`352`
CVSS Vector	`CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H/RL:O/RC:C`
CVSS Score	`7.2`