CSRF attack

_____ is a type of attack that tricks site users or

administrators to unknowingly perform malicious actions for the attacker like changing order values and product prices, transfer funds from one account to another, change user passwords to hijack accounts.

For every link or form which invoke state-changing functions with an unpredictable token for each user what attack can be prevented?

Which attack can execute scripts in the user’s browser and is capable of hijacking user sessions, defacing websites or redirecting the user to malicious sites

What happens when an application takes user inputted data and sends it to a web browser without proper validation and escaping?

Attack that exploits the trust that a site has in a user's browser

Which character is most likely to be used for an SQL injection attack

Which of the following attacks occurs when a malicious user convinces a victim to send a request to a server with malicious input and the server echoes the input back to client?

Which of the following is the best way to ensure that JavaScript cannot be used to access a cookie

Which threat is most likely to occur when a POST parameter performs an operation on behalf of a user without checking a shared secret

What threat arises from not flagging HTTP cookies with tokens as secure