Learning Center - What is cross-site request forgery?

A cross-site request forgery attack tricks a victim into using their credentials to invoke a state-changing activity. A cross site request forgery attack is a type of confused deputy (that’s a computer program that is fooled into misusing its authority) cyber attack that tricks a user into accidentally using their credentials to invoke a state changing activity, such as transferring funds from their account, changing their email address and password, or some other undesired action.

While the potential impact against a regular user is substantial, a successful CSRF attack against an administrative account can compromise an entire server, potentially resulting in complete takeover of a web application, API, or other service. Learn more in the Cloudflare Learning Center.

Knowledge in Action
The Cloudflare WAF is available on both the Pro and Business plans, upgrade here.

Screen Shot 2021-12-20 at 2.04.37 PM

1 Like

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.