A monster truck forum permit users to upload URLs of their favorite monster truck videos for their friends to view.

An attacker submits a specially crafted URL that includes a call for the forum's internal network resources, and the web application processes the request without proper validation. The internal network, trusting the forum server, complies with the malicious call, permitting the attacker to steal payment information from the internal database.

What vulnerability does this situation describe?

answer

CSRF


Cryptographic failures


XSS


SSRF

Question

A monster truck forum permit users to upload URLs of their favorite monster truck videos for their friends to view.

An attacker submits a specially crafted URL that includes a call for the forum's internal network resources, and the web application processes the request without proper validation. The internal network, trusting the forum server, complies with the malicious call, permitting the attacker to steal payment information from the internal database.

What vulnerability does this situation describe?

answer

CSRF


Cryptographic failures


XSS


SSRF

Your name

Your answer