title: Spring framework exceptions
description: Detects suspicious Spring framework exceptions that could indicate exploitation attempts
author: Thomas Patzke
references:
    - https://docs.spring.io/spring-security/site/docs/current/apidocs/overview-tree.html
logsource:
    category: application
    product: spring
detection:
    keywords:
        - AccessDeniedException
        - CsrfException
        - InvalidCsrfTokenException
        - MissingCsrfTokenException
        - CookieTheftException
        - InvalidCookieException
        - RequestRejectedException
    condition: keywords
falsepositives:
    - Application bugs
    - Penetration testing
level: medium