csrf token ,security issue?

0.00/5 (No votes)

See more:

Can you please help me to resolve CSRF issue found during using asp.net 2.0.

Issue description :

[1 of 3] Cross-Site Request Forgery
Severity: Medium
Test Type: Application
Vulnerable URL: https://somesite/somepage.aspx
Remediation Tasks: Decline malicious requests

Reasoning:
The same request was sent twice in different sessions and the same response was received.
This shows that none of the parameters are dynamic (session identifiers are sent only in
cookies) and therefore that the application is vulnerable to this issue.

Posted 28-May-11 16:59pm

hemantwithu

Updated 28-May-11 18:22pm

Dave Kreskowiak

Add a Solution

Comments

Dave Kreskowiak 29-May-11 0:22am

Changed tags - this has nothing to do with VB.NET.

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Last 24hrs

This month

OriginalGriff	30
Chris Copeland	30
Dave Kreskowiak	30
Wonde Tadesse	5
Salvatore Terress	-48

Pete O'Hanlon	2,330
OriginalGriff	1,778
Graeme_Grant	1,160
Richard Deeming	893
Dave Kreskowiak	869