An attacker changes the profile information of a particular user (victim) on the…

adminFebruary 7, 2019

An attacker changes the profile information of a particular user (victim) on the

target website. The attacker uses this string to update the victim-s profile to a text file and then submit the data to the attacker-s database.

What is this type of attack

(that can use either HTTP GET or HTTP POST) called?

A. Cross-Site Request Forgery

B. Cross-Site Scripting

C. SQL Injection

D. Browser Hacking

Cross-site request forgery, also known as one-click attack or session riding and abbreviated as CSRF

(sometimes pronounced sea-surf) or XSRF, is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the website trusts.

Different HTTP request methods, such as GET and POST, have different level of susceptibili

ty to CSRF attacks and require different levels of protection due to their different handling by web browsers.

References:

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ECCouncil Exam Questions

Free EC-Council Study Guide

An attacker changes the profile information of a particular user (victim) on the…

Leave a Reply Cancel reply