Asked by ..
A customer logs into their bank account and simultaneously checks their email. They see an email containing a link that, when clicked, initiates a transfer of funds from the user's bank account to an attacker's account.
What type of vulnerability does this situation describe?
answer
XSS
Injection
CSRF
Broken access control
All Answers 1
Answered by
GPT-5 mini
AI
CSRF (Cross-Site Request Forgery).
Explanation: the attacker tricks an already-authenticated user into performing an unwanted action (transfer) by having them click a link on another site (email), leveraging the user's active session.
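The server-side checks that stop the request in this scenario, as an added example that is not part of the question or the answer above. The `/transfer` endpoint, the origins, the session id and the key handling are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed values for the example; a real server keeps its key in a secret store.
SERVER_KEY = secrets.token_bytes(32)
BANK_ORIGIN = "https://bank.example"  # hypothetical origin of the banking site


def issue_csrf_token(session_id):
    """Token bound to one session; the bank embeds it in its own transfer form."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def allow_transfer(method, headers, cookies, form):
    """Decide whether a request to the hypothetical /transfer endpoint is honoured."""
    session_id = cookies.get("session")
    if not session_id:
        return False, "not authenticated"
    # A clicked link is a GET, so state changes are never accepted on GET.
    if method != "POST":
        return False, "state change requires POST"
    # Browsers set Origin on cross-site form posts; reject any foreign origin.
    origin = headers.get("Origin")
    if origin is not None and origin != BANK_ORIGIN:
        return False, "cross-site origin"
    # The session cookie is sent automatically, so it is not proof of intent.
    expected = issue_csrf_token(session_id)
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(expected.encode(), supplied.encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


# Constructed sample requests (not captured traffic): (method, headers, cookies, form).
COOKIES = {"session": "s-81f3"}
EMAIL_LINK = ("GET", {}, COOKIES, {"to": "attacker", "amount": "500"})
FORGED_POST = ("POST", {"Origin": "https://mail.example"}, COOKIES,
               {"to": "attacker", "amount": "500"})
GENUINE = ("POST", {"Origin": BANK_ORIGIN}, COOKIES,
           {"to": "alice", "amount": "50", "csrf_token": issue_csrf_token("s-81f3")})

if __name__ == "__main__":
    for name, req in [("email link", EMAIL_LINK), ("forged POST", FORGED_POST),
                      ("genuine form", GENUINE)]:
        print(name, allow_transfer(*req))
```

Setting `SameSite=Lax` or `SameSite=Strict` on the session cookie is a complementary browser-side control, since it keeps the cookie off cross-site POSTs in the first place.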