Cross-Domain Search Timing |
CWE-208
|
Observable Timing Discrepancy
|
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
CWE-385
|
Covert Timing Channel
|
|
Cross Site Request Forgery |
CWE-306
|
Missing Authentication for Critical Function
|
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
CWE-664
|
Improper Control of a Resource Through its Lifetime
|
CWE-716
|
OWASP Top Ten 2007 Category A5 - Cross Site Request Forgery (CSRF)
|
CWE-732
|
Incorrect Permission Assignment for Critical Resource
|
CWE-1275
|
Sensitive Cookie with Improper SameSite Attribute
|
|
JSON Hijacking (aka JavaScript Hijacking) |
CWE-345
|
Insufficient Verification of Data Authenticity
|
CWE-346
|
Origin Validation Error
|
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
|
Cross Site Identification |
CWE-352
|
Cross-Site Request Forgery (CSRF)
|
CWE-359
|
Exposure of Private Personal Information to an Unauthorized Actor
|
|