You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
ZAP has observed that no anti-CSRF (Cross Site Request Forgery) token is issued by the target system for some URIs. This is a significant risk, since it means an end-user could unknowingly have their account carry out activities on behalf of an attacker. The use of anti-CSRF tokens, e.g., such as those provided by Web frameworks like Django, is an effective way to prevent this.
ZAP has observed that no anti-CSRF (Cross Site Request Forgery) token is issued by the target system for some URIs. This is a significant risk, since it means an end-user could unknowingly have their account carry out activities on behalf of an attacker. The use of anti-CSRF tokens, e.g., such as those provided by Web frameworks like Django, is an effective way to prevent this.
ZAP scan report https://baldin.crc.nd.edu/CRC-Restricted/ScanResults/PresQT/2020/PresQT_QA_ZAP_Scan.html
CRC best practices https://sites.google.com/nd.edu/cbp/home
May need to be on campus or vpn to access links.
The text was updated successfully, but these errors were encountered: