Description

The application's configuration allows an attacker to trick authenticated users into executing actions without their consent.

Impact

Impersonate a user's request to execute malicious actions in the application.

Recommendation

Use tokens in forms to verify that requests were made by legitimate users.
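
One way to implement the form token recommended above, shown as an added example that is not part of the original page. The names `SERVER_KEY`, `issue_csrf_token`, `verify_csrf_token` and `handle_post` are hypothetical, and the session identifier is assumed to be generated by the server.

```python
import hashlib
import hmac
import secrets

# Assumption: a server-side secret; generated here only so the example runs.
SERVER_KEY = secrets.token_bytes(32)
HEX = set("0123456789abcdef")


def _mac(session_id: str, nonce: str) -> str:
    # Bind the token to one session so it cannot be replayed in another.
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Token to place in a hidden form field when rendering the form."""
    nonce = secrets.token_hex(16)  # 32 hex characters
    return f"{nonce}.{_mac(session_id, nonce)}"


def verify_csrf_token(session_id: str, token) -> bool:
    """True only if this server issued the token for this session."""
    if not isinstance(token, str) or token.count(".") != 1:
        return False
    nonce, mac = token.split(".")
    if len(nonce) != 32 or not set(nonce) <= HEX:
        return False
    expected = _mac(session_id, nonce)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(mac.encode(), expected.encode())


def handle_post(session_id: str, form: dict) -> int:
    """Hypothetical state-changing handler; returns an HTTP status code."""
    if not verify_csrf_token(session_id, form.get("csrf_token")):
        return 403  # missing or forged token: reject before any side effect
    # ... perform the requested action here ...
    return 200


if __name__ == "__main__":
    token = issue_csrf_token("sess-A")  # constructed session id
    print(handle_post("sess-A", {"csrf_token": token}))  # legitimate form
    print(handle_post("sess-A", {}))                     # cross-site request
```

The check must run on every state-changing request, and the token must travel in the form body or a custom header rather than in a cookie, since the browser attaches cookies to cross-site requests automatically.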

Threat

Anonymous attacker from the Internet.

Expected Remediation Time

⏱️ 30 minutes.