From the course: Cybersecurity Foundations: Application Security
Cross-site request forgery (CSRF)
- [Narrator] Imagine innocently clicking on a link to your friend's blog only to discover that the link click was responsible for an unsanctioned action on your social media account. Well, this is possible when a cross-site request forgery, or CSRF, vulnerability is present. With this vulnerability, an attacker is able to trick a victim into making requests to a website that they're authenticated to.

Alice decides to log into her social media account and start browsing her feed. She then decides to create a new post and submits. Later, she decides to check her email, and there's a new message from her friend, Bob. Bob says he's launched a new website and he'd like for her to check it out. Being the good friend that she is, Alice clicks. She checks out the blog and decides to return back to her social media feed. When she refreshes the page on her social media feed, she discovers that an unwelcome comment was posted on her…