Blog
Smart Cross-Site Request Forgery (CSRF)
By Craig Young on Tue, 09/15/2015
All too often, I find that vendors discount the risks associated with attack vectors involving cross-site request forgery (CSRF). Naturally, remediation of vulnerabilities involving user-interaction should generally take a back seat to those that are exposed to completely remote/unauthenticated exploitation, but that doesn’t mean it is OK to simply...