how to Cross-Site Request Forgery work

Cross-Site Request Forgery or CSRF can force an end user to unknowingly generate malicious requests to a web server. This attack vector can be exploited in both POST and GET requests. Let's say for example the url endpoint /delete.php?accnt=12 deletes account as passed from accnt parameter of a GET request. Now if an authenticated user will encounter the following script in any other application

the account would be deleted.

Yorum yapmak içinOturum Açın yada Kayıt Olun .