Cross-Site Request Forgery (CSRF) protection on GET requests on non-setup pages is disabled

Impact area

Security

Severity

Medium

Affected element

Org Config

Rule ID

SF-0157

Impact

Increased vulnerability to Cross-Site Request Forgery (CSRF) attacks.


Remediation

Enable the "CSRF protection on GET requests on non-setup pages" setting, as described in this Salesforce knowledgebase article.

Time to fix

30 min
