What is cross site request forgery (CSRF) in web application?

 Posted by Sheonarayan on 10/15/2013 | Category: ASP.NET MVC Interview questions | Views: 15329 | Points: 40
Answer:

Cross Site Request Forgery (CSRF) is a type of attack on the web application or on the website where a malicious user can insert or update data on behalf of the logged in user of the application by giving him a link that is not of the victim website but attackers own website.

In this type of attack the victim website user doesn't know that by clicking on malicious user link he is helping him to update malicious data into his website.

This generally happen by posting data on the victim website by a hidden form and submitting in using JavaScript or jQuery automatically.


Asked In: Many Interviews | Alert Moderator 

Comments or Responses

Login to post response