Cross-site request forgery

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.

Description

CSRF vulnerabilities have been known and in some cases exploited since 2001. Because it is carried out from the user's IP address, some website logs might not have evidence of CSRF.

Attackers who can find a reproducible link that executes a specific action on the target page while the victim is logged in there can embed such link on a page they control and trick the victim into opening it.

The attack carrier link may be placed in a location that the victim is likely to visit while logged into the target site (for example, a discussion forum), or sent in a HTML email body or attachment.

A cross-site request forgery is a confused deputy attack against a web browser.

Comparison with cross-site scripting

Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser.

See also

• BREACH (security exploit)
• Confused deputy problem
• CRIME (security exploit)
• Cross-document messaging
• Cross-site scripting
• Heap spraying
• Replay attack
• Session fixation
• Web application security

External links

• Cross-site request forgery @ Wikipedia