Princeton researchers released a research paper yesterday which documents Cross-Site Request Forgery vulnerabilities in 4 well known commercial websites (ING Direct, NY Times, Youtube, and Metafilter). It makes for interesting reading.
About the Author
Stuart Moncrieff is a performance testing consultant based in Melbourne, Australia. He holds a Bachelor of Computer Systems Engineering (hons), and is a Mercury Certified Product Consultant and Certified Instructor.