Cross-Site Request Forgery: the Sea Surf

June 6th, 2007

Today we talk about Cross-Site Request Forgery, abbreviated CSRF (also known as XSRF), whose pronunciation gave rise to the friendly name “Sea Surf” ;) Following my previous papers on Cross-Site Scripting, I thought it was an obvious next step to deal with this theme: here I am, then! This kind of vulnerability, which is very common and underestimated, makes it possible to have a victim user send any kind of HTTP request to a website where he is logged in and trusted in some way.

Categories: Articles, XSS