CVE-2026-13243: CWE-352 Cross-Site Request Forgery (CSRF) in Drupal Salesforce Suite
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Salesforce Suite allows Cross Site Request Forgery. This issue affects Salesforce Suite versions: from 0.0.0 to 5.1.3.
Read the full articleYou might also wanna read
Understanding Cross-Site Request Forgery (CSRF) Attacks and Countermeasures
Cross-Site Request Forgery countermeasures can be greatly simplified using request metadata provided by modern browsers.
CWE Top 25 for 2019
In case you weren’t aware of it, there is now a 2019 version of the CWE Top 25 list . This list attempts to rank what are the most important
Microsoft patches high-severity SharePoint RCE vulnerability CVE-2026-45659
A high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint may be exploited in low-complexity attacks.

WAF - WAF Release - 2026-04-07
This week's release introduces new detections for a critical Remote Code Execution (RCE) vulnerability in MCP Server (CVE-2026-23744), along
Simplified CSRF Protection Without Tokens or Hidden Form Fields for Web Frameworks
A couple of months ago, I received a request from a random Internet user to add CSRF protection to my little web framework Microdot, and I t

WAF - WAF Release - 2026-02-02
This week’s release introduces new detections for CVE-2025-64459 and CVE-2025-24893. Key Findings CVE-2025-64459: Django versions prior to 5

Comments
Sign in to join the conversation.
No comments yet. Be the first.