Security Tips
Security Tip: Bypassing CSRF Protection with File Uploads
[Tip#53] Accepting File Uploads from your users is always a risky proposal, but have you considered just how easily uploaded files can be used to bypass CSRF and cookie protections?