If an attacker sends a malicious code for state changing event to a victim and the victim opens that malicious link and clicks on the submit button, can the attack take place when the user is not logged in to the attacked web application?
Aucun commentaire:
Enregistrer un commentaire