Question

2
Replies
734
Views
_JVV_Sharma Member since 2011 43 posts
PEGA
Posted: 2 years ago
Last activity: 2 years 11 months ago
Closed

Cross Site Request Forgery Attack

While we were having the performance test run on an environment, we saw below alert occurred many times (3600 times or so). ( automated load test with 125 users and 13000 transactions)

Cross Site Request Forgery attack detected and was blocked. Invalid CSRF token sent in request. Token from client : xxxxx, Expected Token = xxxxx

While we doubt that the automation scripts have tried to use inappropriate session ID, anyone can help with quick pointers?

***Edited by Moderator Marissa to remove error****

**Moderation Team has archived post**

This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.

Security
Moderation Team has archived post
Share this page LinkedIn