1.Previous
3.Next

site's trust in that identity.
* It tricks the user's browser into sending HTTP requests to a target site where the user is already authenticated.
* It involves HTTP requests that have side effects.

History

CSRF Token vulnerabilities have been known and in some cases exploited since 2001. Because it is carried out from the user's IP address, some website logs might not have evidence of CSRF.

1.Previous
3.Next