Cross-site Scripting (XSS) and Cross-site request forgery (CSRF) are very common client-site attacks against web applications. While XSS execute scripts in the victim’s machine to gain users privileges the CSRF forge request on the victim’s behalf. It’s safe to say that XSS exploits the browser trust in a legit website while CSRF takes advantage of the website’s trust on the user’s browser. For more details, visit our online portal & know the csrf and xss difference now: www.allari.com
