Cross-Site Request Forgery

Cross-Site Request Forgery

A Cross-Site Request Forgery, or CSRF, attack occurs when a malicious website, email, instant message, application, etc. causes a user’s web browser to perform some action on another website where that user is already authenticated, or logged in. Often this occurs without the user knowing the action has occurred. A successful CSRF exploit can compromise end user data and operation, when it targets a normal user. If the targeted end user is the administrator account, a CSRF attack can compromise the entire web application. The impact of a CSRF attack…

Read More