CSRF (Cross-site Request Forgery)

CSRF is an attack in which an authenticated user is tricked into performing an unwanted action on a site where they are logged in. The attacker uses a malicious request to exploit the victim's active session. Common protections include CSRF tokens, the SameSite attribute on cookies and server-side validation.
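
The three protections named above, combined in one server-side check. This is an added example, not part of the original page; the function names, the token format (nonce plus HMAC bound to the session id) and the sample origins are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed per-process secret for this example; a real server loads a stable key from configuration.
SERVER_KEY = secrets.token_bytes(32)
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}
NONCE_HEX_LEN = 32


def session_cookie(session_id: str) -> str:
    """Set-Cookie value; SameSite keeps the cookie off cross-site subrequests and form posts."""
    return f"session={session_id}; Path=/; Secure; HttpOnly; SameSite=Lax"


def _mac(session_id: str, nonce: str) -> str:
    # Fixed-length nonce first, so nonce and session id cannot be re-split ambiguously.
    return hmac.new(SERVER_KEY, f"{nonce}:{session_id}".encode(), hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Token embedded in forms: random nonce plus a MAC tying it to this session."""
    nonce = secrets.token_hex(NONCE_HEX_LEN // 2)
    return f"{nonce}.{_mac(session_id, nonce)}"


def verify_csrf_token(session_id: str, token: str) -> bool:
    """Recompute the MAC for the caller's session and compare in constant time."""
    nonce, sep, mac = (token or "").partition(".")
    if not sep or len(nonce) != NONCE_HEX_LEN:
        return False
    return hmac.compare_digest(mac.encode(), _mac(session_id, nonce).encode())


def allow_request(method: str, session_id: str, token: Optional[str],
                  origin: Optional[str], site_origin: str) -> bool:
    """Server-side validation applied before any state-changing handler runs."""
    if method.upper() not in STATE_CHANGING:
        return True  # safe methods must not change state, so no token is required
    if origin is not None and origin != site_origin:
        return False  # browser reported a different origin for this request
    return token is not None and verify_csrf_token(session_id, token)
```

A token issued for one session fails verification under any other session, so a request forged from another site cannot supply a valid one even when the browser attaches the victim's cookie.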