function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion

"CSRF with VF call" MethodInvokeExpr checkmarx issue in VF page

Hi Everyone,
I am getting "CSRF with VF call" MethodInvokeExpr checkmarx issue in the line 1 of the below code.

Please help me to resolve this.
Thanks in advance!

<apex:page lightningStylesheets="true" Controller="XYZ" >
    <apex:form >
    <apex:pageblock id="PageBlock-Id" title="Select New Owner">
        <apex:pageBlockSection >
            <apex:outputfield value="{!objabc.Name}"/><br/>
            <apex:inputField value="{!objabc.OwnerId}"/>
            <apex:inputcheckbox label="Send Notification Email" value="{!sendEmail}" />
        <apex:pageBlockSection title="Create Task and Log Hours" >
            <apex:pageMessages id="PageMsgId" /><br/>
            <apex:outputField value="{!objtask.RecordTypeId}"/>
            <apex:outputField value="{!objtask.Status}"/>
            <apex:inputField value="{!objtask.Priority}"/>
            <apex:outputField value="{!objtask.type}" />
            <apex:inputField value="{!objtask.Time_Logged__c}"/>
            <apex:inputField style="width:240px;" value="{!objtask.Description}"/>
        <div align="center" draggable="false" >
            <apex:commandButton action="{!save}" value="Save" rerender="PageMsgId"/>
PriyaPriya (Salesforce Developers) 
Hi Shreya,

Go to Your VF Page from Setup
Click on Edit button
Find "Require CSRF protection on GET requests" this option in your Page Information just above your vf code block
Make sure you have checked this option to TRUE
Save your page.

Hope this is helpful!