| Cross Site Request Forgery |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
|
CWE-664
|
Improper Control of a Resource Through its Lifetime
|
|
CWE-716
|
OWASP Top Ten 2007 Category A5 - Cross Site Request Forgery (CSRF)
|
|
CWE-732
|
Incorrect Permission Assignment for Critical Resource
|
|
CWE-1275
|
Sensitive Cookie with Improper SameSite Attribute
|
|
| Using Unpublished Interfaces |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-693
|
Protection Mechanism Failure
|
|
CWE-695
|
Use of Low-Level Functionality
|
|
CWE-1242
|
Inclusion of Undocumented Features or Chicken Bits
|
|
| Force the System to Reset Values |
|
CWE-306
|
Missing Authentication for Critical Function
|
|
CWE-1232
|
Improper Lock Behavior After Power State Transition
|
|
| Choosing Message Identifier |
|
CWE-201
|
Insertion of Sensitive Information Into Sent Data
|
|
CWE-306
|
Missing Authentication for Critical Function
|
|