□ CSRF(Cross-Site Request Forgery)
○ Summary : Client whose authority is stolen sends fake request to server
○ Attack : Server
○ Purpose : Authority steal
○ Attack : Server
○ Purpose : Authority steal
□ XSS(Cross-Site Scripting)
○ Summary : Malicious script is executed on the client
○ Attack : Client
○ Purpose : CookieγSession extortion, deface web sites. etc.
○ Attack : Client
○ Purpose : CookieγSession extortion, deface web sites. etc.