Cross-Site Request Forgery

An attack that forces an authenticated user's browser to send unwanted requests to a web application where they are logged in. The attacker crafts a malicious page that triggers actions (transferring funds, changing email addresses) using the victim's valid session. CSRF exploits the trust a site has in the user's browser.

Definição editorial da DecipherU. Para definições técnicas autoritativas, consulte NIST, ISO, ou o órgão normativo correspondente.