Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "XSRF"

From NetSec
Jump to: navigation, search
m
(No difference)

Revision as of 15:52, 18 December 2010

X(cross) Site Request Forgery

This is a combination of an XSS attack and a CSRF attack. Typically the XSS contains code which would manipulate the user's browser in the context of an authenticated session with the actual appropriate http referrer in the HTTP request. This will bypass certain form validation techniques.

Retrieved from "http://nets.ec/index.php?title=XSRF&oldid=1129"