How to Manipulate User Credentials with a CSRF Attack
Web 2.0 technology has provided a convenient way to post videos online, keep up with old friends on social media, and even bank from the comfort of your web browser. But when applications are poorly designed or incorrectly configured, certain flaws can be exploited. One such flaw, known as CSRF, allows an attacker to use a legitimate user's session to execute unauthorized requests to the server. CSRF Basics Cross-site request forgery (CSRF) is a type of attack that abuses the trust a web application has for the victim's browser by tricking an authenticated user into submitting unwanted... more
from WonderHowTo https://ift.tt/2LnWCe0
via IFTTT