-
标题
The activity log shows an antiforgery token has failed to refresh for a user, is this a security risk? -
说明
The activity log within TPAM is logging failed refresh operations for antiforgery tokens. Is this a security risk? -
原因
This type of object is logged when a user attempts to access or use the system with erroneous token information, which means that the system does not validate the authentication due to an inconsistency in the token data in order to avoid cross-site scripting attacks (XSS).
This can happen anytime TPAM detects that a user's credentials have been altered, such as using multiple tabs or windows to access the web interface, and one tab is left inactive for a period of time while others are being used, and then the stale tab is refreshed or used again.
TPAM generates a few tokens (codes) that allows it to detect the user's identity, if one of them fails then TPAM rejects the session and adds a warning to the activity log.
For more information on cross-site scripting (XSS) attacks, please refer to https://excess-xss.com/
-
解决办法
The user should close any stale tabs and will be required to re-enter credentials to continue using the web interface.