BEGIN:VCALENDAR
VERSION:2.0
CALSCALE:GREGORIAN
BEGIN:VEVENT
URL:https://www.learndesk.us/class-es/4638723566206976/lesson/1def945fbb2b7182fa84c8ba1ac41162?ref=outlook-calendar
SUMMARY:Cross: Site Request Forgery (CSRF)
DTSTART;TZID=America/Los_Angeles:20260505T190000
DTEND;TZID=America/Los_Angeles:20260505T200000
LOCATION:https://www.learndesk.us/class-es/4638723566206976/lesson/1def945fbb2b7182fa84c8ba1ac41162?ref=outlook-calendar
DESCRIPTION: Un ataque CSRF obliga al navegador de una v&iacute;ctima que ha iniciado sesi&oacute;n a enviar una solicitud HTTP falsificada, incluida la cookie de sesi&oacute;n de la v&iacute;ctima y cualquier otra informaci&oacute;n de autenticaci&oacute;n incluida autom&aacute;ticamente, a una aplicaci&oacute;n web vulnerable. Esto permite al atacante forzar al navegador de la v&iacute;ctima a generar solicitudes que la aplicaci&oacute;n vulnerable procesa como solicitudes leg&iacute;timas de la v&iacute;ctima.
Por ejemplo una pagina del atacante para realizar el ataque contra un usuario logueado al sistema, ser&iacute;a:
html lang="en"&emsp;&emsp;head/head&emsp;&emsp; body&emsp;&emsp; form method="POST" action="http://TARGET_APP_URL_HERE/profile"&emsp;&emsp; h1 You are about to win a brand new iPhone!/h1&emsp;&emsp; h2 Click on the win button to claim it.../h2&emsp;&emsp; input type="hidden" name="bankAcc" value="9999999"/&emsp;&emsp; input type="hidden" name="bankRouting"...

https://www.learndesk.us/class-es/4638723566206976/lesson/1def945fbb2b7182fa84c8ba1ac41162?ref=outlook-calendar
STATUS:CONFIRMED
SEQUENCE:3
BEGIN:VALARM
TRIGGER:-PT10M
DESCRIPTION:Class Reminder
ACTION:DISPLAY
END:VALARM
END:VEVENT
END:VCALENDAR