diff --git a/reference/attributes.rst b/reference/attributes.rst
index cf21c5a7c45..f61c78b9a3a 100644
--- a/reference/attributes.rst
+++ b/reference/attributes.rst
@@ -80,6 +80,7 @@ Security
 ~~~~~~~~
 
 * :ref:`CurrentUser <security-json-login>`
+* :ref:`IsCsrfTokenValid <csrf-controller-attributes>`
 * :ref:`IsGranted <security-securing-controller-attributes>`
 
 Serializer
diff --git a/security/csrf.rst b/security/csrf.rst
index 2e2197f1547..0352d7e6f87 100644
--- a/security/csrf.rst
+++ b/security/csrf.rst
@@ -164,6 +164,8 @@ method to check its validity::
         }
     }
 
+.. _csrf-controller-attributes:
+
 Alternatively you can use the
 :class:`Symfony\\Component\\Security\\Http\\Attribute\\IsCsrfTokenValid`
 attribute on the controller action::