- A type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. There are many ways in which a malicious website can transmit such commands; specially-crafted image elements, hidden forms, and JavaScript XMLHttpRequests, for example, can all work without the user’s interaction or even knowledge. Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user’s browser. ← Wikipedia
This term is sponsored by: your name/company?
- Previous term: Cross-Origin-Embedder-Policy
- Next term: Cross-site script inclusion
- Random term: Relaunch (webglossary.info/random 🎲)