Cross Site Request Forgery (CSRF) - OWASP Foundation
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.
Cross-site request forgery - Wikipedia
Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf[1]) or XSRF, is a type of malicious exploit of a website …
CSRF explained | What is cross-site request forgery? - Cloudflare
What is cross-site request forgery (CSRF)? CSRF is a cyber attack that tricks a user into using their credentials to perform unintended actions on a web application where they are …
XSS vs CSRF | Web Security Academy - PortSwigger
CSRF can be described as a "one-way" vulnerability, in that while an attacker can induce the victim to issue an HTTP request, they cannot retrieve the response from that request.
What Is CSRF (Cross-Site Request Forgery)? - Palo Alto Networks
Cross-site request forgery (CSRF) is a web application cyber attack that abuses the trust a site places in a user’s browser. When a user is authenticated — typically through session cookies …
What is CSRF | Cross Site Request Forgery Example | Imperva
Aug 27, 2025 · Cross site request forgery (CSRF), also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a web browser into executing an unwanted action in an …
Cross-Site Request Forgery: Impact and Prevention
Apr 4, 2022 · Cross-Site Request Forgery (CSRF), also known as XSRF, Session Riding, or one-click attacks, is a web security vulnerability that tricks a web browser into executing an …
What Is CSRF (Cross Site Request Forgery)? - Fortinet
CSRF or Cross-Site Request Forgery is an attack on a web application by end-users that have already granted them authentication. Learn how it works, and how hackers construct a CSRF …
Cross-site request forgery (CSRF) - Security | MDN
Oct 17, 2025 · In a cross-site request forgery (CSRF) attack, an attacker tricks the user or the browser into making an HTTP request to the target site from a malicious site. The request …
CSRF Attack: Cross-Site Request Forgery Definition & Defense
Aug 30, 2024 · A CSRF (cross-site request forgery) tricks authenticated users into granting malicious actors access through the authentic user's account. During a cross-site request …