Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf [1]) or XSRF, is a type of malicious exploit of a website or web application where unauthorized commands are submitted from a user that the web application trusts. [2]

2024年10月21日 · Cross-site request forgery (also known as XSRF or CSRF) is an attack against web-hosted apps whereby a malicious web app can influence the interaction between a client browser and a web app that trusts that browser. These attacks are possible because web browsers send some types of authentication tokens automatically with every request to a ...

CSRF attacks are also known by a number of other names, including XSRF, “Sea Surf”, Session Riding, Cross-Site Reference Forgery, and Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and …

2021年7月31日 · Cross-Site Request Forgery (CSRF or XSRF) is a type of attack on websites. With a successful CSRF attack, an attacker can mislead an authenticated user in a website to perform actions with inputs set by the attacker.

2022年5月12日 · Cross-site request forgery (also known as XSRF or CSRF) is an attack against web-hosted applications whereby a malicious web site can influence the interacti...

CSRF is also known by a number of other names, including XSRF, "sea surf," session riding, cross-site reference forgery, and hostile linking. Microsoft refers to this type of attack as a one-click attack in its threat modeling process and many places in its online documentation.

Cross site request forgery (CSRF or XSRF) refers to an attack that makes the end-user perform unwanted actions within a web application that has already granted them authentication.

2025年1月15日 · Cross site request forgery (CSRF), also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a web browser into executing an unwanted action in an application to which a user is logged in.

What is Cross-Site Request Forgery (CSRF)? A cross site request forgery attack is a type of confused deputy* cyber attack that tricks a user into accidentally using their credentials to invoke a state changing activity, such as transferring funds from their account, changing their email address and password, or some other undesired action.

2025年4月3日 · Cross-site request forgery (CSRF), also known as XSRF, Sea Surf, or Session Riding, is a type of cyberattack where a hacker tricks a user into performing actions on a web app without their consent, such as: Changing email addresses; Transferring funds from their accounts; Changing passwords or other undesired actions