CSRF



(Cross-Site Request Forgery) An online forgery that requires knowledge of which Internet-based institutions a person deals with. It is used to steal money or obtain valuable data such as credit card numbers. Also called an "XSRF," "sea surf" and "confused deputy attack," the CSRF is embedded in a fake link or bogus script on a Web page. In either case, the browser executes a malicious transaction such as a wire transfer to the cybercrook's bank.

The CSRF exploit only works if the user is already logged onto the institution's website that is being targeted or has recently logged on, in which case a stored cookie used for authentication may still be active. See XSS.
References in periodicals archive
CSRF values diversity in both research participant populations and research methodology, and the articles presented here are a reflection of those values.
For easier handling, the questionnaire was then programmed as an online-based survey that could be filled in by the US patients via an activation link for a homepage sent by e-mail via the CSRF. The homepage was operated by the University Hospital Essen (Germany) and was hosted on a secure server of the hospital.
With nearly half of web apps containing both informational and low security vulnerability risk level such as Insecure Direct Object Reference and Cross-Site Request Forgery (CSRF), it's just like leaving your wallet or unlocked phone lying around in a public place.
Vulnerability name (responses): Injection vulnerability, 27; Cross site scripting (xss), 21; Broken authentication and session management, 4; Insecure direct object references, 1; Cross site request forgery (csrf), 5; Security misconfiguration, 1; Failure to restrict url access, 2; Invalidated redirects and forwards, 1; Insecure cryptographic storage, 2; Insufficient transport layer protection, 0; Others, 22. Mean: 9.31 Std.
The CSRF warns if the industry is to contribute to meeting government targets to reduce all carbon emissions by 80 per cent by 2050, operators will need to join forces to find efficient and innovative solutions to transporting the UK's consumer goods.
This tutorial covers the 10 most common Web application vulnerabilities such as (i) Injection flaws, (ii) Cross-Site Scripting (XSS), (iii) Broken Authentication and Session Management, (iv) Insecure Direct Object References, (v) Cross-Site Request Forgery (CSRF), (vi) Security Misconfiguration, (vii) Insecure Cryptographic Storage, (viii) Failure to Restrict URL Access, (ix) Insufficient Transport Layer Protection, and (x) Invalidated Redirects and Forwards.
Attack Method: Provides detailed information about how security was breached and unauthorized access was obtained, with the following possible values: Abuse of functionality, Process automation, Unauthorized access, ARP Spoofing, Bot, Clickjacking, Operating system command, Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), Denial of service, Unknown, Unintentional disclosure, Brute force, Worm, DNS Hijacking, Local file inclusion, Remote file inclusion, Predictable resource location, Forced browsing, Phishing, Domain hijacking, Session hijacking, Spyware, Tracking software, SQL Injection, Content spoofing, Trojan and Virus.
The third edition of Saudi Corporate Social Responsibility Forum (CSRF) will be held in Jeddah from April 9-10.
The large unnoticed flaw was a Cross Site Request Forgery (CSRF) affecting six different and aging broadband router brands handed out by large ISPs in the country.
They decided to renovate the structure and founded the CsRF (Csoma's Room Foundation).
Common flaws between the two lists include injection, cross-site scripting (XSS), authentication flaws, and cross-site request forgery (CSRF).