From 68a02ff176a18c2644f3d47d1810f5bc22887e75 Mon Sep 17 00:00:00 2001
From: Guillaume Husta <guillaume.husta@gmail.com>
Date: Thu, 29 Jan 2026 17:58:27 +0100
Subject: [PATCH] Update Link to CRSF Docs in FAQ

Signed-off-by: Guillaume Husta <guillaume.husta@gmail.com>
---
 docs/modules/ROOT/pages/servlet/appendix/faq.adoc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/modules/ROOT/pages/servlet/appendix/faq.adoc b/docs/modules/ROOT/pages/servlet/appendix/faq.adoc
index d987b67642..82241cfa37 100644
--- a/docs/modules/ROOT/pages/servlet/appendix/faq.adoc
+++ b/docs/modules/ROOT/pages/servlet/appendix/faq.adoc
@@ -319,7 +319,7 @@ If you have trouble working out where a session is being created, you can add so
 [[appendix-faq-forbidden-csrf]]
 === I get a 403 Forbidden when performing a POST. What is wrong?
 
-If an HTTP 403 Forbidden error is returned for HTTP POST, but it works for HTTP GET, the issue is most likely related to https://docs.spring.io/spring-security/site/docs/3.2.x/reference/htmlsingle/#csrf[CSRF]. Either provide the CSRF Token or disable CSRF protection (the latter is not recommended).
+If an HTTP 403 Forbidden error is returned for HTTP POST, but it works for HTTP GET, the issue is most likely related to xref:features/exploits/csrf.adoc#csrf[CSRF]. Either provide the CSRF Token or disable CSRF protection (the latter is not recommended).
 
 [[appendix-faq-no-security-on-forward]]
 === I am forwarding a request to another URL by using the RequestDispatcher, but my security constraints are not being applied.