An attacker crafts malicious web links and distributes them (via web
						pages, email, etc.), typically in a targeted manner, hoping to induce users
						to click on the link and execute the malicious action against some
						third-party application. If successful, the action embedded in the malicious
						link will be processed and accepted by the targeted application with the
						users' privilege level.