Get the Whitepaper called SDRF Vulnerability in Web Applications and Browsers. Like the known CSRF (Cross-Site Request Forgery) vulnerability, SDRF falsifies HTTP requests of users, but in contrast to CSRF, it forges the requests, that are send by a user to the same domain, where the malicious code, that exploits the vulnerability, is located.
You can download it from the following link: https://packetstormsecurity.com/files/download/92981/onsec-whitepaper-01.eng.pdf
Source: https://packetstormsecurity.com/files/92981/SDRF-Vulnerability-In-Web-Applications-And-Browsers.html