September
26th,
2006
Google Cross-site Request Forgery
Cross Site Request Forgery is one of those vulnerability classes that can be a bit tricky to explain, so it's always nice to find a decent live example. This one's pretty harmless, just changes your google languange preferences, but I reckon that we'll see a real growth in this kind of problem over the next couple of years as "the bad guys"(tm) keep looking for innovative new ways to attack web apps.