CSRF
(redirected from Cross-site request forgery)

Also found in: Acronyms, Wikipedia

0.01 sec.

CSRF

(Cross-Site Request Forgery) An online forgery that requires knowledge of which Internet-based institutions a person deals with. It is used to steal money or obtain valuable data such as credit card numbers. Also called an "XSRF," "sea surf" and "confused deputy attack," the CSRF is embedded in a fake link or bogus script on a Web page. In either case, the browser executes a malicious transaction such as a wire transfer to the cybercrook's bank.

The CSRF exploit only works if the user is already logged onto the institution's Web site that is being targeted or has recently logged on, in which case a stored cookie used for authentication may still be active. See XSS.

Want to thank TFD for its existence? Tell a friend about us, add a link to this page, add the site to iGoogle, or visit the webmaster's page for free fun content.

?Page tools

Printer friendly
Cite / link

Feedback

Mentioned in	?		References in periodicals archive	?		Encyclopedia browser	?		Full browser	?
No references found			Meanwhile, another WebKit vulnerability can result in cross-site request forgery if a user visits a maliciously crafted web site. Apple releases update to Safari to close seven holes by Dan Kaplan / SC Magazine lt;p>Other methods used include cross-site scripting attacks, where malicious code gets push to on a client machine, and cross-site request forgery, in which a malicious command is executed while the victim is logged into a Web site. Hackers put social networks such as Twitter in crosshairs by Network World Middle East Second, the commercial Enhanced Rule Set (ERS) has been significantly augmented to address the newest attack vectors such as cross-site request forgery (CSRF), remote file inclusion (RFI) and HTTP parameter pollution. Breach Security Enhances ModSecurity Core Rule Set with New Version ... by Business Wire			cross-lamination cross-level cross-linked file cross-magnetizing effect cross-neutralization cross-peen hammer cross-plan house cross-platform cross-platform computing cross-ply cross-pointer indicator cross-polarization cross-pollination cross-post Cross-Quarter Days cross-reacting antibody cross-reacting antigen cross-reacting material cross-reaction cross-referencing program cross-rolling cross-section symbols cross-sectional area cross-sectional study cross-sill Cross-site request forgery cross-staff cross-stone cross-stratification cross-thread cross-tolerance cross-wall construction cross-wire weld crossband crossbanding crossbar crossbar micrometer Crossbar Switch crossbar system crossbeam crossbill Crossbills crossbolt crossbow Crossbreed Crossbreeding Crossbreeding, Induced crosscurrent crosscurrent extraction Crosscut crosscut file			cross-sectional study cross-sectional study cross-sectional study cross-sectional study cross-sectional study cross-sectional study Cross-sectional survey Cross-sectional survey Cross-Sectional Transmission Electron Microscopy cross-sectioned cross-sectioned cross-sectioned cross-sectioned cross-sectioning cross-sectioning cross-sectioning cross-sectioning cross-sections cross-sections cross-sections cross-sections Cross-Sectoral Youth cross-sensitivity cross-sensitization cross-sentential cross-sequential cross-servicing cross-shaped Cross-share holdings cross-sill Cross-site request forgery Cross-site scripting Cross-site scripting cross-slide cross-slides Cross-spale cross-species transplant Cross-Spectral Density Matrix Cross-Spectral Metric Cross-springer Cross-Stack Rapid Transition Cross-staff Cross-staff Cross-State Air Pollution Rule cross-stitch Cross-Stitch Embroidery cross-stitched cross-stitches cross-stitching Cross-stone Cross-stone Cross-Strait Interflow Prospect Foundation cross-stratification cross-stratification Cross-System Coupling Facility Cross-System Product/Query Cross-Taggart Solution Cross-tail cross-targeting (nuclear)

Encyclopedia

Free Tools:	For surfers: Free toolbar & extensions \| Word of the Day \| Help For webmasters: Free content \| Linking \| Lookup box \| Double-click lookup

Disclaimer
All content on this website, including dictionary, thesaurus, literature, geography, and other reference data is for informational purposes only. This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional.

CSRF (redirected from Cross-site request forgery)

CSRF
(redirected from Cross-site request forgery)