
Vulnerability Description => Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the attacker has no way to see the response to the forged request.
How to exploit:
1. Go to the Online Food Ordering Script site (http://readymadescript.org/demo/food-ordering-client/)

2. Click on Sign up and register using your name, mail, and password

3. Verify your mail id

4. Come back to the Online Food Ordering Script site and log in to your account

5. Go to My account, then Edit Profile, change the name as you like, and click on Update

6. Make sure that the Burp interceptor is on, then capture the data

7. Generate CSRF PoC

8. Copy the code and save it with the .html extension

9. Exploit CSRF on Online Food Ordering Script site
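
As an added example (not code from this advisory or from the Online Food Ordering Script), the following sketches the kind of server-side check that rejects a forged Edit Profile request: a session-bound token combined with an Origin/Referer check. The handler name, the `csrf_token` field, `TRUSTED_ORIGIN` and the key handling are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumed values for this sketch; not taken from the application on the page.
SERVER_KEY = secrets.token_bytes(32)
TRUSTED_ORIGIN = "https://shop.example"
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def _mac(session_id: str, nonce: str) -> str:
    msg = f"{session_id}|{nonce}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Token rendered into the form as a hidden field: nonce.HMAC(session|nonce)."""
    nonce = secrets.token_hex(16)
    return f"{nonce}.{_mac(session_id, nonce)}"


def token_is_valid(session_id: str, token: str) -> bool:
    nonce, sep, sig = (token or "").partition(".")
    if not (sep and nonce and sig):
        return False
    # Constant-time comparison; the token only verifies for the session it was issued to.
    return hmac.compare_digest(_mac(session_id, nonce).encode(), sig.encode())


def origin_is_trusted(headers: dict) -> bool:
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # fail closed when the browser sent neither header
    parts = urlsplit(source)
    return f"{parts.scheme}://{parts.netloc}" == TRUSTED_ORIGIN


def handle_edit_profile(method, headers, session_id, form, profile):
    """Hypothetical profile-update handler. Returns (status, profile)."""
    if method not in STATE_CHANGING:
        return 405, profile  # never change state on GET
    if not origin_is_trusted(headers):
        return 403, profile  # request came from another site
    if not token_is_valid(session_id, form.get("csrf_token", "")):
        return 403, profile  # an auto-submitted cross-site form cannot know the token
    return 200, {**profile, "name": form["name"]}
```

A session cookie alone is sent automatically by the browser, which is why the handler demands a value that a page on another origin cannot read or guess.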

