Description: Trick the web page into thinking a user has made a request
Potential Impact: The hacker may get access to an account and will be able to do whatever the account has privileges for, like pose as the account, change details, or if the account is an administrator or account with more privileges, steal or change information from the web page.
Affected part of the application: Different inputs around the page.
Type of vulnerability: Cross-Site Request Forgery (https://cwe.mitre.org/data/definitions/352.html)
Description: Trick the web page into thinking a user has made a request Potential Impact: The hacker may get access to an account and will be able to do whatever the account has privileges for, like pose as the account, change details, or if the account is an administrator or account with more privileges, steal or change information from the web page. Affected part of the application: Different inputs around the page. Type of vulnerability: Cross-Site Request Forgery (https://cwe.mitre.org/data/definitions/352.html)