OWASP Top 10 - A8 Cross site request forgery (CSRF) explained

Cross-site request forgery is basically caused by tabbed browsers sharing session between tabs and automatically sending any cookies to a URL that originated them. An attacker abuses this by calling an action on another site that the user is logged into and without CSRF protection, the target site will not distinguish between user and attacker and carry out the action.

• #science_technology
• #owasp
• #top_10
• #tutorial