Question

2
Replies
782
Views
Venkata Viswanatha Sharma Jonnalagadda (_JVV_Sharma)
PEGA
Technical Lead
Pega Systems
IN
_JVV_Sharma Member since 2011 43 posts
PEGA
Posted: October 16, 2017
Last activity: October 16, 2018
Posted: 16 Oct 2017 13:55 EDT
Last activity: 16 Oct 2018 12:03 EDT
Closed

Cross Site Request Forgery Attack

While we were having the performance test run on an environment, we saw below alert occurred many times (3600 times or so). ( automated load test with 125 users and 13000 transactions)

Cross Site Request Forgery attack detected and was blocked. Invalid CSRF token sent in request. Token from client : xxxxx, Expected Token = xxxxx

While we doubt that the automation scripts have tried to use inappropriate session ID, anyone can help with quick pointers?

***Edited by Moderator Marissa to remove error****

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Security
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.