Cross-site Request Forgery (CRSF)

TL;DR [Video courtesy of Computerphile] Introduction Cross-site request forgery (CRSF) is one of the top three vulnerabilities in websites today. In a simple example a user may look at the code of your website and copy one of the forms. For example, this form may be responsible for the…

Read this article

Cross Site Scripting (XSS)

Cross site scripting is probably the number one vulnerability in websites today. In simple terms, it is the act of a malicious user injecting JavaScript code into a website, usually through an input form. That JavaScript is then loaded later, such as in a comments page and executed by other…

Read this article