
Vulnerability Description => Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.
How to exploit:
1. Go to the Online Food Ordering Script site (http://readymadescript.org/demo/food-ordering-client/)

2. Click on sign up and register using your name, mail, and password

3. Verify your mail id

4. Come back to the Online Food Ordering Script site and log in to your account

5. Go to My account, then Edit Profile, change the name as you like, and click on update

6. Make sure that the Burp interceptor is on, then capture the data

7. Generate CSRF PoC

8. Copy the code and save it with an .html extension

9. Exploit CSRF on Online Food Ordering Script site
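
The steps above work because the Edit Profile request is accepted on the session cookie alone. The following is an added example, not code from the Online Food Ordering Script, of the server-side check that rejects such a forged request: a per-session anti-CSRF token plus an Origin/Referer check. The key, origin, session id and the `csrf_token` field name are assumptions made for the example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Constructed values for the example; none come from the application on this page.
SERVER_KEY = secrets.token_bytes(32)      # per-deployment secret, kept server-side
TRUSTED_ORIGIN = "https://shop.example"   # hypothetical origin of the site itself


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str) -> str:
    """Token placed in a hidden field when the Edit Profile form is rendered."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_valid(session_id: str, token: str) -> bool:
    """Recompute the MAC for this session and compare in constant time."""
    nonce, sep, sent_mac = (token or "").partition(".")
    if not sep or not nonce or not sent_mac:
        return False  # missing or malformed token, as in a forged cross-site form
    return hmac.compare_digest(_mac(session_id, nonce).encode(), sent_mac.encode())


def same_origin(headers: dict) -> bool:
    """Strict policy: Origin (or Referer) must be present and be the site itself."""
    parts = urlsplit(headers.get("Origin") or headers.get("Referer") or "")
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN


def allow_profile_update(session_id: str, headers: dict, form: dict) -> bool:
    """Gate for the state-changing request; the session cookie alone is not enough."""
    return same_origin(headers) and token_valid(session_id, form.get("csrf_token", ""))


if __name__ == "__main__":
    sid = "session-abc"  # constructed session identifier
    genuine = {"name": "Alice", "csrf_token": issue_token(sid)}
    forged = {"name": "Changed"}  # cookie rides along, but the page cannot read a token
    print(allow_profile_update(sid, {"Origin": TRUSTED_ORIGIN}, genuine))
    print(allow_profile_update(sid, {"Origin": "https://other.example"}, forged))
```

Setting `SameSite=Lax` or `SameSite=Strict` on the session cookie is a complementary control, since it stops the browser from attaching the cookie to cross-site form posts in the first place.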

