Transactions without a distinguishable pattern

Summary

Requests that execute transactions must not follow any distinguishable pattern.

Description

empty

Supported In

This requirement is verified in following services

Plan	Supported
Machine	🔴
Squad	🟢

References

CAPEC™-21. Exploitation of trusted identifiers
CAPEC™-31. Accessing/Intercepting/Modifying HTTP cookies
CWE™-352. Cross-site request forgery (CSRF)
PA-DSS-5_2_9. Cross-site request forgery (CSRF)
SANS 25-9. Cross-Site Request Forgery (CSRF)
CMMC-AC_L1-3_1_2. Transaction & function control
HITRUST CSF-09_y. On-line transactions
WASSEC-6_1_2. URL patterns
WASSEC-6_2_3_5. Client-side attacks - Cross-site request forgery
WASC-A_09. Cross-site request forgery
MVSP-3_3. Application implementation controls - Vulnerability prevention
CWE TOP 25-352. Cross-site request forgery (CSRF)
SWIFT CSCF-2_1. Internal data flow security
PCI DSS-6_2_4. Software engineering techniques to prevent or mitigate common software attacks
OWASP ASVS-13_2_3. RESTful web service

Vulnerabilities

007. Cross-site request forgery

free trial

Search for vulnerabilities in your apps for free with our automated security testing! Start your 21-day free trial and discover the benefits of our Continuous Hacking Machine Plan. If you prefer a full service that includes the expertise of our ethical hackers, don't hesitate to contact us for our Continuous Hacking Squad Plan.

Summary​

Description​

Supported In​

References​

Vulnerabilities​

Summary

Description

Supported In

References

Vulnerabilities