diff --git a/package-lock.json b/package-lock.json
index a101a9d96..3f74d3c14 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -16,7 +16,7 @@
         "clean-css": "5.3.3",
         "compression": "1.7.4",
         "cookie-parser": "1.4.6",
-        "csrf-csrf": "3.0.6",
+        "csrf-csrf": "3.1.0",
         "es6-template-strings": "2.0.1",
         "execa": "9.3.1",
         "express": "4.20.0",
@@ -2258,9 +2258,9 @@
       }
     },
     "node_modules/csrf-csrf": {
-      "version": "3.0.6",
-      "resolved": "https://registry.npmjs.org/csrf-csrf/-/csrf-csrf-3.0.6.tgz",
-      "integrity": "sha512-FkeKRBhtVhA9rOo9dwU/nHePVtCCsVgQj+OIw/c4BINrjqPWTWuBEd+iB4wfPVuC879OhUqdyPLCRJnAZEX4fQ==",
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/csrf-csrf/-/csrf-csrf-3.1.0.tgz",
+      "integrity": "sha512-kZacFfFbdYFxNnFdigRHCzVAq019vJyUUtgPLjCtzh6jMXcWmf8bGUx/hsqtSEMXaNcPm8iXpjC+hW5aeOsRMg==",
       "license": "ISC",
       "dependencies": {
         "http-errors": "^2.0.0"
diff --git a/package.json b/package.json
index fe05988f1..3b1266b4f 100644
--- a/package.json
+++ b/package.json
@@ -29,7 +29,7 @@
     "clean-css": "5.3.3",
     "compression": "1.7.4",
     "cookie-parser": "1.4.6",
-    "csrf-csrf": "3.0.6",
+    "csrf-csrf": "3.1.0",
     "es6-template-strings": "2.0.1",
     "execa": "9.3.1",
     "express": "4.20.0",