CSRF as it will be known as from now on also known as Cross site request forgery is, in my opinion, an underestimated bug that may occur in quite a lot of web applications.The reason for this is because a lot of web devs assume users will be logged in when they view a given page. So unless they are practically wary will not require a user name and password for every single action the user does. Lets face it, this would get really annoying, really fast and make people less likely to want to bother using this site in the future because of all the hassle.
This attack works by submitting data from an attacker defined form to a form of a target site. After a site I often frequent, decided to fix the XSS bug in one of their pages that I used to annoy people with, I decided to sit down for awhile and try to break it again.
Unfortunately blogger won't let me include the html (even when converted to html entities) so here's a pastebin link