Definition[]
Cross site request forgery is
| “ | a type of malicious exploit where an attacker gains access to and executes unauthorized commands on a target web application (e.g., web interface for a network device or web email client) via the browser of an already authenticated user. The attack is accomplished by tricking a validated user who has logged in and has a session cookie stored in the browser into opening an email message or visiting a webpage with imbedded malicious content.[1] | ” |
References[]
- ↑ Privacy Technical Assistance Center, Cross Site Request Forgery (full-text).