Cross-Site Request Forgery For POST Requests With An XML Body | pentestmonkey

Cross-Site Request Forgery For POST Requests With An XML Body | pentestmonkey

Cross-Site Request Forgery For POST Requests With An XML Body I recently had cause to create a pr...概要を表示 Cross-Site Request Forgery For POST Requests With An XML Body I recently had cause to create a proof-of-concept for a site that seemed to be vulnerable to Cross-Site Request Forgery (CSRF).  I say “seemed” because there was no CSRF protection, but I was finding the XML POST body really hard to forge (It was a SOAP / XMLRPC type request). Eventually Sid from notsosecure.com pointed me in the right

• セキュリティ
• security