CSRF

HTML form without CSRF protection

Vulnerability description
This alert may be a false positive, manual confirmation is required.

Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.

Acunetix WVS found a HTML form with no apparent CSRF protection implemented. Consult details for more information about the affected HTML form.
This vulnerability affects /formtest/form.cfm.
Discovered by: Crawler.
Attack details
Form name: <empty>
Form action: http://od/formtest/form_action.cfm
Form method: POST

Form inputs:

token [Hidden]
username [Text]
userpass [Password]
login [Submit]


 View HTTP headers
Request
GET /formtest/form.cfm HTTP/1.1
Pragma: no-cache
Acunetix-Aspect: enabled
Acunetix-Aspect-Password: 082119f75623eb7abd7bf357698ff66c
Acunetix-Aspect-Queries: filelist;aspectalerts
Cookie: JSESSIONID=84307a2a1f386954cda232165516344e6c30
Host: od
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept: */*

Response
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Thu, 16 Aug 2012 16:15:55 GMT
Content-Length: 944

View HTML response
Launch the attack with HTTP Editor
Retest alert(s)
Mark this alert as a false positive

The impact of this vulnerability
An attacker may force the users of a web application to execute actions of the attacker's choosing. A successful CSRF exploit can compromise end user data and operation in case of normal user. If the targeted end user is the administrator account, this can compromise the entire web application.

How to fix this vulnerability
Check if this form requires CSRF protection and implement CSRF countermeasures if necessary.