JSON CSRF PoC

What is CSRF?

CSRF is Cross-Site Request Forgery vulnerability which can be used to force an user to conduct unintended actions on a Web Application. Using this flaw an attacker can perform various attacks based on the affected module such as changing Email ID, Password for the User's Account.

CSRF on JSON Endpoint:

Cross-Site Request Forgery on JSON Endpoint using Fetch API as usual HTML Form does not work in API Request due to padding issue.

Below are the required conditions in order to perform this attack:

Authentication Method should be cookie based only
No Authentication Token in Header
Same-Origin Policy should not be enforced

Change the URL and Body from the PoC file to perform the CSRF on JSON Endpoint.

More details on: rootsploit.com

Name		Name	Last commit message	Last commit date
Latest commit History 12 Commits
JSON-CSRF-PoC.html		JSON-CSRF-PoC.html
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

JSON CSRF PoC

What is CSRF?

CSRF on JSON Endpoint:

Below are the required conditions in order to perform this attack:

About

Uh oh!

Releases

Packages

Languages

rootsploit/JSON-CSRF-PoC

Folders and files

Latest commit

History

Repository files navigation

JSON CSRF PoC

What is CSRF?

CSRF on JSON Endpoint:

Below are the required conditions in order to perform this attack:

About

Topics

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages