How is XSS different from CSRF?
An interesting discussion, led me to realize this is one of the commonly discussed topic and I thought a blog post for it might be helpful for someone. Cross-site request forgery and Cross-site scripting are both client side attacks which performs action on behalf of users. Just some context here - Cross-site scripting (or XSS) allows an attacker to execute arbitrary JavaScript within the browser of a victim user....