tag:blogger.com,1999:blog-8503755746105415394.post-77392911694354362412008-03-20T19:16:00.010Z2008-03-20T19:29:18.434ZXSRF and threat ratingsReaders who are relatively long in the tooth will remember the sweet, carefree days before the web was blighted by cross-site request forgery (XSRF). Like or loathe these vulnerabilities, they are here to stay, and as penetration testers we need to look for and report them.One often overlooked aspect of the arrival of XSRF is that it obliges us to reassess the threat ratings associated with some PortSwiggerhttp://www.blogger.com/profile/04744809054520271899noreply@blogger.com