What is Cross-site request forgery (CSRF)?

Cross-site request forgery (CSRF) occurs when a malicious website, email, blog, instant message, or program causes a user's web browser to perform an unwanted action on a trusted site where the user is currently authenticated.

These attacks can make use of a target system's normal functions -- such as transferring funds, changing passwords, using the target's browser without the knowledge of the target user.

Mitigation strategies:

• Do not rely solely on the presence of a valid sessionID or a cookie.
• Include a unique, single-use value in every response sent to the browser and then validated that token when a request is submitted.
• Require users to re-authenticate for high-risk transactions.

Invest now in Acorns!!! 🚀
Join Acorns and get your $5 bonus!

Acorns is a micro-investing app that automatically invests your "spare change" from daily purchases into diversified, expert-built portfolios of ETFs. It is designed for beginners, allowing you to start investing with as little as $5. The service automates saving and investing. Disclosure: I may receive a referral bonus.

Invest now!!! Get Free equity stock (US, UK only)!

Use Robinhood app to invest in stocks. It is safe and secure. Use the Referral link to claim your free stock when you sign up!.

The Robinhood app makes it easy to trade stocks, crypto and more.

Webull! Receive free stock by signing up using the link: Webull signup.