Attacking Sites Using CSRF – Security Simplified

  • Posted by vickieli
  • Date February 1, 2021
CSRF, or Cross-Site Request Forgery, is a technique that allows hackers to carry out unwanted actions on a victim’s behalf. For example, a hacker might be able to change your password or transferring money from your bank account without your permission. Sometimes, faulty CSRF protection mechanisms lead to inconsequential issues like unauthorised setting changes or emptying a user’s cart. Other times, they lead to much bigger issues: user information leak, XSS, and even one-click account takeovers. Today, let’s talk about how you can escalate CSRF issues and a few cases that I have encountered in the wild of CSRFs leading to severe security issues.
Today, let’s talk about how you can escalate CSRF issues and a few cases that I have encountered in the wild of CSRFs leading to severe security issues.
author avatar
vickieli

Infosec nerd. Hacks and secures. Creates god awful infographics.

You may also like

How to Find Hidden Passwords - Hardcoded Credentials
How to Find Hidden Passwords – Hardcoded Credentials
25 April, 2025
Find ANYONE’s Email | GitHub + Google Docs OSINT Hacks!
Find ANYONE’s Email | GitHub + Google Docs OSINT Hacks!
24 April, 2025
Google Paid $150k
Google Paid $150K for THIS SSRF Bug – Learn How to Find It
10 April, 2025

Leave A Reply

Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Powered by  GDPR Cookie Compliance