Same Domain Request Forgery
Variants:
Direct
Vector Type:
Attack
Relevance:
Generic
Layer:
Application-Level
Platforms:
Any
Target Type:
Web Application
Affected Mechanisms:
Anti-CSRF, Secure Design
Invented In:
18/08/2010
Added In:
12/12/2014
Vector Operation Method:
Perform enhanced CSRF attacks by planting CSRF referrals in files included in the target web site, which may or may not already contain CSRF tokens.
