Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated.

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf[1]) or XSRF, is a type of malicious exploit of a website or web …

Cross-site request forgery (CSRF) is a web security vulnerability that tricks authenticated users into submitting unintended requests.

Cross-site request forgery (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform.

Introduction This room walks you through Cross-Site Request Forgery (CSRF) — a web vulnerability where an attacker tricks a victim’s browser into performing unintended actions on a site where …

Mar 31, 2026 · In a cross-site request forgery (CSRF) attack, an attacker tricks the user or the browser into making an HTTP request to the target site from a malicious site. The request includes the user's …

CSRF or Cross-Site Request Forgery is an attack on a web application by end-users that have already granted them authentication. Learn how it works, and how hackers construct a CSRF attack.

What is cross-site request forgery (CSRF)? CSRF is a cyber attack that tricks a user into using their credentials to perform unintended actions on a web application where they are authenticated.

What is CSRF? Cross-site request forger y (also known as CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform.

Cross-site request forgery (CSRF) is a web application vulnerability that tricks authenticated users into executing unauthorized actions without their knowledge.