What is CSRF?
CSRF stands for Cross-Site Request Forgery. It is a vulnerability in which an attacker causes a user's browser to send a request the user never intended to a site where that user is already authenticated. Because the browser attaches the session cookie to every request automatically, the server cannot distinguish the forged request from a legitimate one unless the request also carries something an attacker-controlled page cannot obtain. The attack requires only that the user is logged in to the legitimate site and visits (or is lured to) a malicious page containing the crafted request.
To defend against CSRF attacks ServiceNow issues a per-session token. Client-side scripts read it from the global g_ck and send it with each request, as the X-UserToken header or the sysparm_ck parameter; a protected server endpoint rejects any request whose token does not match the current session. A cross-site page cannot read this token, so a forged request arrives without a valid one and is refused even though the session cookie is present.
Why is this an issue?
A processor that does not enforce CSRF protection will act on any request that arrives with a valid session cookie, whoever caused the browser to send it. This exposes the instance to risks such as:
Unauthorized Actions: An attacker can make an authenticated user's browser perform actions on the instance without the user's knowledge, leading to unauthorized changes to records, account settings, financial transactions or other sensitive operations.
Data Manipulation: The forged request can create, modify or delete data the victim is permitted to change, causing data loss or corruption.
Account Compromise: Forged requests can change passwords, email addresses or other account details, giving the attacker control of the victim's account.
How do I fix it?
To fix this issue, enable the CSRF protect option on every processor of type script. To do so, follow these steps:
In the Filter Navigator, type sys_processor.list and press Enter.
On the list view, search for and open the processor record. To find every affected processor at once, filter the list on Type = script and CSRF protect = false.
Check the CSRF protect field and click Save.
Once the option is enabled, requests to that processor that do not carry a valid token are rejected, so re-test any integration or custom UI that calls the processor directly rather than through the platform's client scripts (which attach the token automatically).