Burp Suite User Forum

CSRF issue

David | Last updated: Mar 16, 2023 05:01PM UTC

When I run Burp Suite scanner on my website I get the following issue on many pages. "The request appears to be vulnerable to cross-site request forgery (CSRF) attacks against authenticated users." These pages have no forms or inputs on them so I am trying to understand what is triggering this issue. Comparing the 2 responses (the one with the valid referrer domain and the one with the bogus referrer domain) they look the same.

Michelle, PortSwigger Agent | Last updated: Mar 17, 2023 12:17PM UTC

I’m sorry, but our support service is here to provide technical advice with Burp Suite. Unfortunately, we can't provide specific assistance with dissecting/explaining individual scan reports. The issue definition should provide a few more details on the attack and remediation options as well as some links to useful reference materials that may help you manually replicate the issue.
