Client Side Vulnerabilities / Cross-Site Request Forgery
Cross-Site Request Forgery (CSRF) is an attack vector that exploits the trust a website places in a user's browser. It is classified as a client-side attack: the attacker causes the victim's browser to send malicious requests in the victim's name without the victim's knowledge. The Common Weakness Enumeration (CWE) lists Cross-Site Request Forgery as CWE-352, and the OWASP Testing Guide includes testing techniques for it.
Cross-Site Request Forgery can be a high-risk attack vector, since it can be used to perform actions on behalf of a user without their consent or knowledge, whether to gather sensitive information such as credit card details or to perform unauthorized transactions.
The best way to mitigate Cross-Site Request Forgery attacks is to ensure that every request sent to the server is authenticated as originating from the application itself. This is done with anti-CSRF tokens: randomly generated, unpredictable strings that are sent along with the request and must match the value the server expects.
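The following is an added example, not code from the original page, showing the server side of the anti-CSRF token check described above. It assumes an in-memory session store (SESSIONS), a hypothetical /transfer endpoint and the function names used here; a real application would keep the token in its session backend and run the check in its request handler before any state-changing action.

```python
import hmac
import secrets

# Constructed in-memory session store for this example only (assumption:
# a real application keeps the token in its session backend).
SESSIONS = {}


def issue_csrf_token(session_id):
    """Create an unpredictable per-session token and remember it server-side."""
    token = secrets.token_urlsafe(32)
    SESSIONS.setdefault(session_id, {})["csrf_token"] = token
    return token


def render_transfer_form(session_id):
    """Render the legitimate form with the token embedded as a hidden field.

    An attacker's page cannot read this token (same-origin policy), so a
    forged cross-site form cannot include it.
    """
    token = issue_csrf_token(session_id)
    return (
        '<form action="/transfer" method="post">\n'
        f'  <input type="hidden" name="csrf_token" value="{token}" />\n'
        '  <input type="text" name="amount" />\n'
        '  <input type="text" name="destination" />\n'
        '  <input type="submit" value="Transfer" />\n'
        '</form>'
    )


def validate_csrf(session_id, submitted_token):
    """Return True only if the submitted token matches the session's token.

    hmac.compare_digest compares in constant time, so the check does not
    leak how many leading characters of a guessed token were correct.
    """
    expected = SESSIONS.get(session_id, {}).get("csrf_token")
    if not expected or not submitted_token:
        return False
    return hmac.compare_digest(expected, submitted_token)


def handle_transfer(session_id, form):
    """State-changing handler: the token check runs before the real action."""
    if not validate_csrf(session_id, form.get("csrf_token")):
        return 403, "CSRF token missing or invalid"
    # Placeholder for the real transfer logic (constructed for the example).
    return 200, f"transferred {form.get('amount')} to {form.get('destination')}"


if __name__ == "__main__":
    # Legitimate flow: the browser submits the token it received with the form.
    sid = "session-abc"
    token = issue_csrf_token(sid)
    print(handle_transfer(sid, {"csrf_token": token, "amount": "10", "destination": "savings"}))
    # Forged cross-site request: no token, so it is rejected.
    print(handle_transfer(sid, {"amount": "1000", "destination": "hacker_account"}))
```

The token is bound to the session, so a token issued to one user is rejected for another, and because `secrets.token_urlsafe` draws from the operating system's CSPRNG it cannot be predicted by an attacker who only knows the page layout. Setting the session cookie with the `SameSite` attribute is a useful second layer, but the token check remains the primary defence.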
The following code shows an example of a Cross-Site Request Forgery attack: a form on an attacker-controlled page that submits a transfer request to example.com, which the victim's browser sends with the victim's own session.
<html>
  <body>
    <form action="http://example.com/transfer.php" method="post">
      <input type="hidden" name="amount" value="1000" />
      <input type="hidden" name="destination" value="hacker_account" />
      <input type="submit" value="Transfer" />
    </form>
  </body>
</html>