Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. Social engineering platforms are often used by attackers to launch a CSRF attack. Attackers will send users a link via email or chat room to trick users into clicking a URL that contains a maliciously crafted, unauthorized request for a particular Web application. The user's browser then sends this maliciously crafted request to a targeted Web application. In a successful Cross-Site Request Forgery attack, the attacker forces the user to unintentionally perform state changing requests like transferring funds, changing their email address on an account, or change their password, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Radware Blog
Security Research Center