csrf Vulnerability remediation | Community
Skip to main content
A
akank_23
Level 2
June 28, 2021
Solved

csrf Vulnerability remediation

  • June 28, 2021
  • 3 replies
  • 1328 views

Hi  All,

 

WE have csrf vulnerabilty that needs to be remediated.

Please help in remediating this issue.

How we can fix this.

This post is no longer active and is closed to new replies. Need help? Start a new post to ask your question.
Best answer by MarkusBullaAdobe

Hi @akank_23!

Handling potential security vulnerabilities (incl. CSRF) can be a very individual process.

If you are referring to a vulnerability in AEM (the product; not custom code), please check the latest security fixes / service packs and their according release notes. If you have indications that the vulnerability may not yet be addressed, please reach out to Adobes customer care to make them aware of it.

You can reach customer care through the Adobe Admin Console. Please refer to this article on how to access the support portal and how to create a ticket. Some information about properly qualifying your request can be found here.

General recommendation before filing your ticket is:

  • Ensure that you have the latest service packs installed.
  • Ideally, the issue should be reproducible on a "vanilla" instance (means: a plain instance without any custom code). This will help customer care to reproduce the issue on their end.

 

 

 

If you are referring to a vulnerability in your projects code, there is some general advice as mentioned by @ritesh_mittal. Without knowledge about the details, it is hard to give any advice beyond that.

 

Hope that helps!

3 replies

Ritesh_Mittal
Community Advisor and Adobe Champion
Ritesh_MittalCommunity Advisor and Adobe Champion
Community Advisor and Adobe Champion
June 28, 2021

 Hi @akank_23 ,

 

We have documentation available to prevent this-

 

https://experienceleague.adobe.com/docs/experience-manager-65/forms/administrator-help/configure-user-management/preventing-csrf-attacks.html?lang=en

https://experienceleague.adobe.com/docs/experience-manager-65/developing/introduction/csrf-protection.html?lang=en

 

If those are not helping then can you please explain what issue you are facing exactly?

    MarkusBullaAdobe
    Adobe Employee
    MarkusBullaAdobeAdobe EmployeeAccepted solution
    Adobe Employee
    June 28, 2021

    Hi @akank_23!

    Handling potential security vulnerabilities (incl. CSRF) can be a very individual process.

    If you are referring to a vulnerability in AEM (the product; not custom code), please check the latest security fixes / service packs and their according release notes. If you have indications that the vulnerability may not yet be addressed, please reach out to Adobes customer care to make them aware of it.

    You can reach customer care through the Adobe Admin Console. Please refer to this article on how to access the support portal and how to create a ticket. Some information about properly qualifying your request can be found here.

    General recommendation before filing your ticket is:

    • Ensure that you have the latest service packs installed.
    • Ideally, the issue should be reproducible on a "vanilla" instance (means: a plain instance without any custom code). This will help customer care to reproduce the issue on their end.

     

     

     

    If you are referring to a vulnerability in your projects code, there is some general advice as mentioned by @ritesh_mittal. Without knowledge about the details, it is hard to give any advice beyond that.

     

    Hope that helps!

      A
      akank_23Author
      Level 2
      June 28, 2021
      Its about the product not the local site, how can i connect to adobe Customer care ???? @152223
      A
      akank_23Author
      Level 2
      June 28, 2021

      @markusbullaadobe 

      It is about the product,

      how can i connect with Adobe Customer care ??

       

        Terms & ConditionsAccessibility statement

        Loading footer...