This application was quite secure and it had this mechanism wherein one request can be sent only once, this validation I think was done by the URL query parameter “OWASP_CSRFTOKEN”. This essentially…