From dce89c5419bf4d2d2353deda2f191ee4d54f16ef Mon Sep 17 00:00:00 2001 From: Jami Cogswell Date: Wed, 5 Feb 2025 10:57:47 -0500 Subject: [PATCH] Java: update qhelp to align with other csrf queries --- .../CWE/CWE-352/SpringCSRFProtection.qhelp | 22 ++++++++++++++----- 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.qhelp b/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.qhelp index a7e0b21d7e4b..049ae746df69 100644 --- a/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.qhelp +++ b/java/ql/src/Security/CWE/CWE-352/SpringCSRFProtection.qhelp @@ -2,11 +2,21 @@ -

When you set up a web server to receive a request from a client without any mechanism -for verifying that it was intentionally sent, then it is vulnerable to attack. An attacker can -trick a client into making an unintended request to the web server that will be treated as -an authentic request. This can be done via a URL, image load, XMLHttpRequest, etc. and can -result in exposure of data or unintended code execution.

+

+ Cross-site request forgery (CSRF) is a type of vulnerability in which an + attacker is able to force a user to carry out an action that the user did + not intend. +

+ +

+ The attacker tricks an authenticated user into submitting a request to the + web application. Typically, this request will result in a state change on + the server, such as changing the user's password. The request can be + initiated when the user visits a site controlled by the attacker. If the + web application relies only on cookies for authentication, or on other + credentials that are automatically included in the request, then this + request will appear as legitimate to the server. +

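Review bot: the replacement overview drops the concrete delivery vectors the removed paragraph listed (a URL, an image load, an XMLHttpRequest); consider keeping one clause in the second new paragraph, after "initiated when the user visits a site controlled by the attacker", such as "for example through a link, an image load or a script on that site", since that is what explains why credentials being sent automatically is the problem. Minor wording in the same paragraph: "will appear as legitimate to the server" reads more naturally as "will appear legitimate to the server".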
@@ -26,7 +36,7 @@ by non-browser clients.

  • OWASP: -Cross-Site Request Forgery (CSRF). +Cross Site Request Forgery (CSRF).
  • Spring Security Reference:
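Review bot: removing the hyphen turns the OWASP link text into "Cross Site Request Forgery (CSRF)" while the new overview paragraph added in the first hunk writes "Cross-site request forgery (CSRF)", so the same qhelp now spells the term two ways; if the intent is to reproduce the OWASP page title verbatim, note that in the commit message, otherwise keep "Cross-Site Request Forgery (CSRF)" so the reference and the description agree.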