Cross Site Request Forgery

Attacker subverts client DOM.

Using a crafted web page.
Using a vulnerable web page that was subverted.
Using a XSS attack.

Client browser issues requests to external server.

Browser will send cookies authenticating requests.

PreviousDOM XSS NextAvoiding XSS

Last updated 8 months ago