Cross-Site Request Forgery: Vulnerabilities and Defenses

Article ID: JIT_V3_N2_RP3
Authors: Bharti Nagpal, Naresh Chauhan, Nanhay Singh
Journal: Journal on Information Technology
ISSN: 2277-5250
Volume 3, Issue 2, pages 13-21
Issue period: March - May 2014
Publisher: i-manager Publications
URL: http://www.imanagerpublications.com/Article.aspx?ArticleId=2778

Keywords: Cross-Site Request Forgery, Web Application Firewall, HTTP, Referrer Header, Same-Origin Policy, Session Identifier, Action Formulator

Abstract: A Cross-Site Request Forgery (CSRF) attack occurs when a malicious web site causes a user's web browser to perform an unwanted action on a trusted site. These attacks have been called the "sleeping giant" of web-based vulnerabilities, because many sites on the Internet fail to protect against them and because they have been largely ignored by the web development and security communities. The impact of a successful cross-site request forgery attack is limited to the capabilities exposed by the vulnerable application. Such an attack could result in a transfer of funds, a password change, or the purchase of an item in the user's context.

Copyright © 2014 i-manager publications. All rights reserved.