240.CSRF和XSS的区别 #240

Open

opened

on Jun 29, 2020

CSRF需要登录，获取COOKIE，利用网站本身的漏洞，去请求网站的api
XSS,不需要登录，向网站注入JS代码，执行JS里的代码，篡改网站的内容

Metadata

Assignees

No one assigned

Labels

No labels

No labels

Type

No type

Fields

No fields configured for issues without a type.

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests