
Cross Site Request Forgery FAQ released

January 17th, 2007

Earlier today CGISecurity.com released a CSRF/XSRF FAQ. Its table of contents, listing the questions it answers, is:

  • About
  • What is Cross Site Request Forgery?
  • Who discovered CSRF?
  • What can be done with CSRF?
  • Is CSRF and Cross-site Scripting the same thing?
  • What are common ways to perform a CSRF attack?
  • Is this vulnerability limited to browsers?
  • Can applications using only POST be vulnerable?
  • How can I detect if a website is vulnerable?
  • Can CSRF be prevented by implementing referrer checking?
  • Has there been a major attack using CSRF?
  • What can I do to protect myself as a user?
  • What can I do to protect my own applications?
  • References and Additional Reading

While I'm not going to repost the entire FAQ, I'll repost the "What is CSRF" response, for those of you that are unsure of what it is.

What is Cross Site Request Forgery?

Cross Site Request Forgery (also known as XSRF, CSRF, and Cross Site Reference Forgery) works by exploiting the trust that a site has for the user. Site tasks are usually linked to specific URLs (Example: http://site/stocks?buy=100&stock=ebay) allowing specific actions to be performed when requested. If a user is logged into the site and an attacker tricks their browser into making a request to one of these task URLs, then the task is performed and logged as the logged-in user. Typically you'll use Cross Site Scripting to embed an IMG tag or other HTML/JavaScript code to request a specific 'task url' which gets executed without the user's knowledge. Injection via light markup languages such as BBCode is also entirely possible. These sorts of attacks are fairly difficult to detect, potentially leaving a user debating with the website/company as to whether or not the stocks bought the day before were initiated by the user after the price plummeted.
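To make the "task URL" problem concrete from the defender's side, here is an added example (not code from this post or from the CGISecurity FAQ) that models the FAQ's stock-purchase URL as a request handler in two forms: one that acts on any request carrying the session cookie, and one that additionally requires a POST carrying a per-session secret token that a cross-site page cannot read. The session store, cookie names and handler names are assumptions constructed for the example.

```python
import hmac
import secrets
from urllib.parse import parse_qs

# Constructed in-memory session store: cookie value -> session data.
# A real server would keep this in its session backend.
SESSIONS = {"sess-alice": {"user": "alice", "csrf_token": secrets.token_hex(16)}}

def session_for(cookies):
    """Resolve the logged-in session from the request cookies, or None."""
    return SESSIONS.get(cookies.get("session"))

def buy_stock_vulnerable(method, query, cookies):
    """Task URL in the FAQ's style: any request that carries the session
    cookie performs the action, so a request the browser was tricked into
    making (e.g. via an IMG tag) looks exactly like the user's own click."""
    sess = session_for(cookies)
    if sess is None:
        return 401, "login required"
    params = parse_qs(query)
    return 200, f"{sess['user']} bought {params['buy'][0]} of {params['stock'][0]}"

def buy_stock_hardened(method, query, cookies, form):
    """Same action with two defences. POST-only is not enough on its own
    (a cross-site page can auto-submit a form); the per-session token is
    what the other site cannot supply, because it cannot read our pages."""
    sess = session_for(cookies)
    if sess is None:
        return 401, "login required"
    if method != "POST":
        return 405, "state changes require POST"
    submitted = form.get("csrf_token", "")
    if not hmac.compare_digest(submitted, sess["csrf_token"]):
        return 403, "missing or invalid CSRF token"
    return 200, f"{sess['user']} bought {form['buy']} of {form['stock']}"

def render_buy_form(cookies):
    """What the site's own page embeds: a hidden field with the session token."""
    sess = session_for(cookies)
    return {"buy": "100", "stock": "ebay", "csrf_token": sess["csrf_token"]}

def demo():
    """Return the status codes for: forged GET on the vulnerable handler,
    the same GET on the hardened one, a token-less POST, and a real submit."""
    cookies = {"session": "sess-alice"}
    forged = buy_stock_vulnerable("GET", "buy=100&stock=ebay", cookies)
    blocked_get = buy_stock_hardened("GET", "buy=100&stock=ebay", cookies, {})
    blocked_post = buy_stock_hardened("POST", "", cookies, {"buy": "100", "stock": "ebay"})
    legit = buy_stock_hardened("POST", "", cookies, render_buy_form(cookies))
    return forged[0], blocked_get[0], blocked_post[0], legit[0]
```

Running `demo()` returns `(200, 405, 403, 200)`: the cookie alone is enough for the vulnerable handler, while the hardened handler only completes the purchase when the request comes from its own form.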
