CSRF Vulnerability #7234
-
|
Regarding the CSRF vulnerability, is there something implemented for this security flaw? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
What vulnerability? |
Beta Was this translation helpful? Give feedback.
-
|
All of our applications that are in our domain are pentested to validate possible vulnerabilities, whether using Zep Scanning or the Score Card. They accuse: Absence of Anti-CSRF tokens. |
Beta Was this translation helpful? Give feedback.
-
|
A CSRF token is not really relevant in this case because of how Wiki.js works with its API. It could be revisited in the future for extra security but I don't see it as a vulnerability at the moment. |
Beta Was this translation helpful? Give feedback.
A CSRF token is not really relevant in this case because of how Wiki.js works with its API. It could be revisited in the future for extra security but I don't see it as a vulnerability at the moment.