Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions (such as email change or password change or transferring funds or profile edit etc.) on a web application in which they’re currently authenticated. With a little help of social engineering (such as sending a link via email or chat), an attacker may trick the users of a web application into executing actions of the attacker’s choosing.
Reference Link -
https://owasp.org/www-community/attacks/csrf
