JIT_V5_N2_RP2
Additional Authentication Technique: An Efficient Approach to Prevent Cross-Site Request Forgery Attack
Bharti Nagpal
Naresh Chauhan
Nanhay Singh
Journal on Information Technology
2277-5250
5
2
14
18
CSRF Attack, Vulnerability, CSRF Types, Prevention
A Cross-Site Request Forgery (CSRF) attack is a one-click attack that is very common and widely known. It exploits session cookies while the victim has an active session in their account on a website, allowing the attacker to perform unauthorized activities without the user's knowledge. The attack is a forged HTTP request that exploits the user's current session in the browser. Because the attack makes the browser act on the forged HTTP request without the user's knowledge, the most important prevention is a browser-based solution. A browser-based solution cannot always work, however, because the browser allows third-party websites to send requests to trusted websites. The CSRF attack exploits the trust that a website has in the user's browser. In this paper, the authors propose an additional authentication technique to prevent the CSRF attack.
March - May 2016
Copyright © 2016 i-manager publications. All rights reserved.
i-manager Publications
http://www.imanagerpublications.com/Article.aspx?ArticleId=5999