Dark Reading

CSRF Vulnerability: A 'Sleeping Giant'

If you think Cross-Site Scripting (XSS) is scary and prolific, just wait for the next big Website threat: Cross-Site Request Forgery (CSRF). But security researchers say it's only a matter of time ...
Information Age

How to fix the CSRF vulnerability in popular web frameworks?

True, CSRF is not as common nowadays, but it doesn’t mean it’s not harmful to a web app or website. On the contrary, it can cause big problems for your business and your users. The prominent examples ...
GitHub

thinkdaniel/react-xss-csrf

This lesson is an introduction to Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF), using a simple banking application as an example. On login, the backend will return a JWT, and also ...
GitHub

Web-Application-Vulnerability-Scanner

A Flask-based Web Vulnerability Scanner that detects XSS, SQL Injection, and CSRF vulnerabilities in web applications. This project automates security testing using custom payloads and intelligent ...
CSOonline

Threat Watch: Cross Site Request Forgery (CSRF)

After Cross Site Scripting (XSS), the second most common web application security exploit is probably one you haven’t heard of: Cross Site Request Forgery (or CSRF for short). This little-known but ...
PC World

Latest firmware updates for Asus routers fix CSRF security flaws

Users of Asus RT-N and RT-AC series routers should install the latest firmware updates released for their models because they address vulnerabilities that could allow attackers to hijack router ...