Cross Site Request Forgery (CSRF) is the second most common web application security exploit, after XSS. CSRF attacks are hard to prove, but it’s hard to know such an exploit is out there. The attack essentially hijacks a users browser to perform actions he or she didnt intend. If the victim is authenticated on the site or the site does not require authentication, the targeted website executes the command without further prompting. The most basic defense is authenticating each user individually before the user can perform risky actions.”]
Source: https://www.csoonline.com/article/2122089/threat-watch–cross-site-request-forgery–csrf-.html