Ever wished there was an easy way to see if your site is vulnerable to any of the vulnerability categories on the OWASP Top 10 list? The latest addition to the Detectify tool allows you to do just that! Our new OWASP view provides a quick and easy way to check whether your site passes or fails OWASP Top 10 tests.
The eighth vulnerability on the list is Cross-site Request Forgery (CSRF), a vulnerability that allows an attacker to make requests on behalf of a user. CSRF can lead to a wide range of state-changing requests such as changing credentials, transferring funds, and modifying settings being executed on the user’s behalf.
The fifth vulnerability category on the list is called Security Misconfiguration. If a component is susceptible to attack due to an insecure configuration it would classify as security misconfiguration. This is considered the same vulnerability regardless if the misconfiguration happens in the web server, database or, for that matter, custom code.