You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our security team is working on the automated detection of session vulnerabilities in opensource web applications, including CSRF. Our analyzer identified that the submitReading function of /site/exhibitionInferenceSite/exhibitionInferenceApp/views.py has been declared as CSRF exempt. After manual analysis, we believe that this practice might leave your application vulnerable to security-relevant CSRF attempts.
Can you take a look into the relevant code parts and comment on the issue?
The text was updated successfully, but these errors were encountered:
To whom it may concern.
Our security team is working on the automated detection of session vulnerabilities in opensource web applications, including CSRF. Our analyzer identified that the submitReading function of /site/exhibitionInferenceSite/exhibitionInferenceApp/views.py has been declared as CSRF exempt. After manual analysis, we believe that this practice might leave your application vulnerable to security-relevant CSRF attempts.
Can you take a look into the relevant code parts and comment on the issue?
The text was updated successfully, but these errors were encountered: