While perform an assessment on a banking web site, you discover the following link:
“ https://smartbank.com/tfer.asp?tfer_to=[account_number]&amnt=[baht] ”
Assuming authenticated banking users can be lured to your web site, which crafted HTML tag
may be used to launch a XSRF attack?