Enable CSRF strict validation

This issue is found automatically by CODA.
Time to fix: 30min

What is a CSRF?

CSRF stands for Cross-Site Request Forgery. It is a type of security vulnerability that occurs when an attacker tricks a user's web browser into performing an unwanted action on a website where the user is authenticated. This can happen if the user is simultaneously authenticated on a legitimate website and visits a malicious website that contains a crafted request.

To defend against CSRF attacks, ServiceNow provides the glide.security.csrf.strict.validation.mode System Property, which enables strict validation of the CSRF token on incoming requests.

Why is this an issue?

Not implementing CSRF protection poses several risks to the instance, such as:

  • Unauthorized Actions: Without CSRF protection, attackers can trick authenticated users into unknowingly performing actions on the instance. This can lead to unauthorized changes in account settings, financial transactions, or other sensitive operations.

  • Data Manipulation: Attackers may exploit CSRF vulnerabilities to manipulate or delete user data on the targeted website, causing data loss or corruption.

  • Account Compromise: CSRF attacks can be leveraged to perform actions that compromise user accounts, such as changing passwords, email addresses, or other account details.

How do I fix it?

To fix this issue, it is necessary to set the glide.security.csrf.strict.validation.mode property to true. To do so, follow these steps:

  1. In the Filter Navigator, type sys_properties.list and press Enter.

  2. Search for glide.security.csrf.strict.validation.mode.

  3. Set the Value column of that record to true.
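The same check and fix can be scripted so it can be audited across instances. The block below is an added example, not code from this page, CODA or ServiceNow: the property name comes from the page, the function names are assumptions, and the Glide part only runs when pasted into a ServiceNow Background Script or Fix Script where GlideRecord and gs exist; the value-handling functions run anywhere.

```javascript
// Added example (not from the CODA page or ServiceNow): audit/fix helper for
// the glide.security.csrf.strict.validation.mode System Property.
var CSRF_PROPERTY = 'glide.security.csrf.strict.validation.mode';

// sys_properties stores every value as a string; normalise before comparing
// so that ' True ' counts as enabled and '', 'false', '1' or 'yes' do not.
function isStrictCsrfEnabled(rawValue) {
  if (rawValue === null || rawValue === undefined) return false;
  return String(rawValue).trim().toLowerCase() === 'true';
}

// record: {name, value} as read from sys_properties, or null when the row is
// missing. Returns a finding in the shape a scanner would report.
function evaluateCsrfProperty(record) {
  if (!record) {
    return { compliant: false,
             reason: CSRF_PROPERTY + ' is not defined on this instance' };
  }
  if (!isStrictCsrfEnabled(record.value)) {
    return { compliant: false,
             reason: CSRF_PROPERTY + ' is "' + record.value + '", expected "true"' };
  }
  return { compliant: true, reason: CSRF_PROPERTY + ' is set to true' };
}

// ServiceNow-only part: read the property row and, when fix is true and the
// row exists, set Value to true (the update is recorded in the sys_properties
// history). A missing row is reported, not silently created.
function auditCsrfStrictMode(fix) {
  var gr = new GlideRecord('sys_properties');
  gr.addQuery('name', CSRF_PROPERTY);
  gr.query();
  var record = gr.next()
    ? { name: gr.getValue('name'), value: gr.getValue('value') }
    : null;
  var finding = evaluateCsrfProperty(record);
  if (!finding.compliant && fix && record) {
    gr.setValue('value', 'true');
    gr.update();
    finding = evaluateCsrfProperty({ name: record.name, value: 'true' });
  }
  gs.info(finding.reason);
  return finding;
}

if (typeof GlideRecord !== 'undefined') {
  auditCsrfStrictMode(false); // report only; pass true to remediate
}
```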