Authentication Checked by Vezraa
Cross-Site Request Forgery (CSRF)
An attack that tricks authenticated users into performing unwanted actions on your app.
CSRF exploits the trust a site has in a user's browser. When a user is logged in, a malicious site can forge requests to your app using their session cookies. Prevent with CSRF tokens, SameSite cookies, or custom headers.