Cross-site Request Forgery (CSRF)


Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. Attackers often rely on social engineering to launch a CSRF attack: they send users a link via email or chat room to trick them into clicking a URL that contains a maliciously crafted, unauthorized request for a particular web application. The user's browser then sends this request to the targeted web application, along with the credentials it already holds for that application. In a successful Cross-Site Request Forgery attack, the attacker forces the user to unintentionally perform state-changing requests such as transferring funds, changing the email address on an account, changing their password, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.
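The following added example (not from the original page) models the email-change case above as two Python handlers: one that trusts the session cookie alone, and one that also checks the `Origin` header and a per-session token. The handler names, the `app.example` origin, the session store, and both sample requests are constructed for illustration, and the two checks are common defenses chosen here as an assumption, since the page itself names no mitigation.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)       # per-process secret (constructed)
APP_ORIGIN = "https://app.example"         # assumed origin of the real application

def fresh_sessions():
    # Constructed session store: one logged-in user.
    return {"sess-alice": {"user": "alice", "email": "alice@app.example"}}

def csrf_token(session_id):
    # Token bound to the session; the app embeds it in the forms it serves.
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()

def change_email_cookie_only(sessions, request):
    # Vulnerable: the session cookie is the only check, and the browser
    # attaches that cookie no matter which site triggered the request.
    session = sessions.get(request["cookies"].get("sid"))
    if session is None:
        return 401
    session["email"] = request["form"]["email"]
    return 200

def change_email_checked(sessions, request):
    # Hardened: also require proof that the request came from the app's own page.
    sid = request["cookies"].get("sid")
    session = sessions.get(sid)
    if session is None:
        return 401
    if request["headers"].get("Origin") != APP_ORIGIN:
        return 403
    supplied = request["form"].get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), csrf_token(sid).encode()):
        return 403
    session["email"] = request["form"]["email"]
    return 200

def sample_requests():
    # Constructed requests. Both carry the victim's cookie; only the one built
    # from the app's own form has the matching Origin and token.
    cookies = {"sid": "sess-alice"}
    cross_site = {"cookies": cookies, "headers": {"Origin": "https://other.example"},
                  "form": {"email": "changed@other.example"}}
    same_site = {"cookies": cookies, "headers": {"Origin": APP_ORIGIN},
                 "form": {"email": "alice.new@app.example",
                          "csrf_token": csrf_token("sess-alice")}}
    return cross_site, same_site
```

The cookie-only handler accepts the cross-site request because the browser supplied a valid session cookie; the checked handler rejects it with 403 and leaves the account unchanged.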
