[Owasp-leaders] CSRF

Jim Manico jim.manico at owasp.org
Tue May 28 22:20:27 UTC 2013


For sure.

For example, if I can CSRF you to log into a Google account that I
control, I can then track all of your Google searches.

This is edge case, but still viable.

- Jim

> Does CSRF ing a login page make sense to anyone :)
> 
> 
> Eoin Keary
> Owasp Global Board
> +353 87 977 2988
> 
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> 



More information about the OWASP-Leaders mailing list