Phabricator: Back - Refresh - Attack To Obtain User Credentials

Back - refresh attack is attack which enables an adversary to obtain application credentials by going by to previous page and re-submitting the expired-document. How to perform: 1. Register to https:///auth/register/ 2. Once registered, press "Back" on the browser window. Now you'll see the...