CSRF

Also found in: Acronyms, Wikipedia

0.06 sec.

CSRF

(Cross-Site Request Forgery) An online forgery that requires knowledge of which Internet-based institutions a person deals with. It is used to steal money or obtain valuable data such as credit card numbers. Also called an "XSRF," "sea surf" and "confused deputy attack," the CSRF is embedded in a fake link or bogus script on a Web page. In either case, the browser executes a malicious transaction such as a wire transfer to the cybercrook's bank.

The CSRF exploit only works if the user is already logged onto the institution's Web site that is being targeted or has recently logged on, in which case a stored cookie used for authentication may still be active. See XSS.

How to thank TFD for its existence? Tell a friend about us, add a link to this page, add the site to iGoogle, or visit webmaster's page for free fun content.

?Page tools

Printer friendly
Cite / link

Email
Feedback

? Mentioned in

clickjacking

confused deputy attack

CRSF

sea surf

XSRF

Encyclopedia browser

? Full browser

CSP
CSP BGA
CSP-S
CSP/80
CSP/k
CSPS
CSR
CSRF
CSS
CSS/II
CSS1
CSS2
CSSA
CSSB system
CSSL

Encyclopedia

Free Tools:	For surfers: Free toolbar & extensions \| Word of the Day \| Help For webmasters: Free content \| Linking \| Lookup box \| Double-click lookup \| Partner with us

All content on this website, including dictionary, thesaurus, literature, geography, and other reference data is for informational purposes only. This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional. Terms of Use.