CompoundStableTop 25 #4

CWE-352Cross-Site Request Forgery (CSRF)

Category: injection

Description

The web application does not, or cannot, sufficiently verify whether a request was intentionally provided by the user who sent the request, which could have originated from an unauthorized actor.

Common consequences· 1

  • Confidentiality / Integrity / Availability / Non-Repudiation / Access Control — Gain Privileges or Assume Identity, Bypass Protection Mechanism, Read Application Data, Modify Application Data, DoS: Crash, Exit, or Restart
    The consequences will vary depending on the nature of the functionality that is vulnerable to CSRF. An attacker could trick a client into making an unintentional request to the web server via a URL, image load, XMLHttpRequest, etc., which would then be treated as an authentic request from the client - effectively performing any operations as the victim, leading to an exposure of data, unintended code execution, etc. If the victim is an administrator or privileged user, the consequences may include obtaining complete control over the web application - deleting or stealing data, uninstalling the product, or using it to launch other attacks against all of the product's users. Because the attacker has the identity of the victim, the scope of CSRF is limited only by the victim's privileges.

Potential mitigations· 5

  • [Architecture and Design]
  • [Implementation]Ensure that the application is free of cross-site scripting issues (CWE-79), because most CSRF defenses can be bypassed using attacker-controlled script.
  • [Architecture and Design]Generate a unique nonce for each form, place the nonce into the form, and verify the nonce upon receipt of the form. Be sure that the nonce is not predictable (CWE-330). [REF-332]
  • [Architecture and Design]Identify especially dangerous operations. When the user performs a dangerous operation, send a separate confirmation request to ensure that the user intended to perform that operation.
  • [Architecture and Design]

Related CAPEC attack patterns· 4

CAPEC-111CAPEC-462CAPEC-467CAPEC-62

References

  1. https://cwe.mitre.org/data/definitions/352.html

Exploits (incoming)4

TypeTargetConfidenceTier
AttackPatternJSON Hijacking (aka JavaScript Hijacking)capec-111100%live
AttackPatternCross Site Request Forgerycapec-62100%live
AttackPatternCross Site Identificationcapec-467100%live
AttackPatternCross-Domain Search Timingcapec-462100%live

Compliance frameworks addressing this (incoming)3

TypeTargetConfidenceTier
ComplianceControlpci_dss_v4-r6100%live
ComplianceControlgdpr-art5100%live
ComplianceControlowasp_llm_top10-llm05100%live

(incoming)143

TypeTargetConfidenceTier
VulnerabilityCVE-2025-0610cve-2025-06100%live
VulnerabilityCVE-2025-0669cve-2025-06690%live
VulnerabilityCVE-2025-11022cve-2025-110220%live
VulnerabilityCVE-2025-11029cve-2025-110290%live
VulnerabilityCVE-2025-11087cve-2025-110870%live
VulnerabilityCVE-2025-11954cve-2025-119540%live
VulnerabilityCVE-2025-12028cve-2025-120280%live
VulnerabilityCVE-2025-12061cve-2025-120610%live
VulnerabilityCVE-2025-12095cve-2025-120950%live
VulnerabilityCVE-2025-12189cve-2025-121890%live
VulnerabilityCVE-2025-12221cve-2025-122210%live
VulnerabilityCVE-2025-12479cve-2025-124790%live
VulnerabilityCVE-2025-12821cve-2025-128210%live
VulnerabilityCVE-2025-12879cve-2025-128790%live
VulnerabilityCVE-2025-1305cve-2025-13050%live
VulnerabilityCVE-2025-1306cve-2025-13060%live
VulnerabilityCVE-2025-13177cve-2025-131770%live
VulnerabilityCVE-2025-13282cve-2025-132820%live
VulnerabilityCVE-2025-13790cve-2025-137900%live
VulnerabilityCVE-2025-13871cve-2025-138710%live
VulnerabilityCVE-2025-13970cve-2025-139700%live
VulnerabilityCVE-2025-13982cve-2025-139820%live
VulnerabilityCVE-2025-14037cve-2025-140370%live
VulnerabilityCVE-2025-1441cve-2025-14410%live
VulnerabilityCVE-2025-14472cve-2025-144720%live
VulnerabilityCVE-2025-15405cve-2025-154050%live
VulnerabilityCVE-2025-1643cve-2025-16430%live
VulnerabilityCVE-2025-1687cve-2025-16870%live
VulnerabilityCVE-2025-20326cve-2025-203260%live
VulnerabilityCVE-2025-22347cve-2025-223470%live

Showing top 30 of 143 by confidence. Click any target to see the full neighbourhood.

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CWE
Server-Side Request Forgery (SSRF)
CWE
Unprotected Transport of Credentials
CWE
Direct Request ('Forced Browsing')
CVE
CVE-2025-55057
CWE
Sensitive Cookie with Improper SameSite Attribute
CVE
CVE-2025-46385
Sourced from MITRE CWE 4.20. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.